dridex | 578c0f2252a123d7e00555347e1432c5e40501d357d00a649ad4bf53dc52843e | Triage

Sharing

General

Target

JaffaCakes118_578c0f2252a123d7e00555347e1432c5e40501d357d00a649ad4bf53dc52843e
Size

184KB
Sample

241221-z4qxkazmfy
MD5

5881ab404b291ab602cc0f878db6ca61
SHA1

642c8b8a6466c8ea6d8420ace370fa8b42a98314
SHA256

578c0f2252a123d7e00555347e1432c5e40501d357d00a649ad4bf53dc52843e
SHA512

910ea109c60fc3f952569db7812419c4919896db9c45ccc6330f0448e6ec76227d6239e9ba00c9eed2fc0af712a969708b737b2a47082f38fabd8cac4967b264
SSDEEP

3072:TiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaowlzoxss7:TiLVCIT4WK2z1W+CUHZj4Skq/eaoOoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_578c0f2252a123d7e00555347e1432c5e40501d357d00a649ad4bf53dc52843e
- Size
  
  184KB
- MD5
  
  5881ab404b291ab602cc0f878db6ca61
- SHA1
  
  642c8b8a6466c8ea6d8420ace370fa8b42a98314
- SHA256
  
  578c0f2252a123d7e00555347e1432c5e40501d357d00a649ad4bf53dc52843e
- SHA512
  
  910ea109c60fc3f952569db7812419c4919896db9c45ccc6330f0448e6ec76227d6239e9ba00c9eed2fc0af712a969708b737b2a47082f38fabd8cac4967b264
- SSDEEP
  
  3072:TiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaowlzoxss7:TiLVCIT4WK2z1W+CUHZj4Skq/eaoOoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader