dridex | 7c12d8263e4cfe7b26681630d48b1cfaa6c8bcdb99c14e42fe60bd215fefd219 | Triage

Sharing

General

Target

JaffaCakes118_7c12d8263e4cfe7b26681630d48b1cfaa6c8bcdb99c14e42fe60bd215fefd219
Size

184KB
Sample

241222-frlyasvnem
MD5

9a58bcb3dec4b2e0155e06dfe8155663
SHA1

dc015d8e595984aa9082e243e28e3ed839919eba
SHA256

7c12d8263e4cfe7b26681630d48b1cfaa6c8bcdb99c14e42fe60bd215fefd219
SHA512

6b3cc2ea8c9259518c1774cc2b256177912788ce6aa6a00c4e2f4fb2f0a4b1c6f51f88c9031e6845ac579771b32a00803840c34ef484c8b7c57d52c7bbfc1d02
SSDEEP

3072:0iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoflzoxss7:0iLVCIT4WK2z1W+CUHZj4Skq/eao9oC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_7c12d8263e4cfe7b26681630d48b1cfaa6c8bcdb99c14e42fe60bd215fefd219
- Size
  
  184KB
- MD5
  
  9a58bcb3dec4b2e0155e06dfe8155663
- SHA1
  
  dc015d8e595984aa9082e243e28e3ed839919eba
- SHA256
  
  7c12d8263e4cfe7b26681630d48b1cfaa6c8bcdb99c14e42fe60bd215fefd219
- SHA512
  
  6b3cc2ea8c9259518c1774cc2b256177912788ce6aa6a00c4e2f4fb2f0a4b1c6f51f88c9031e6845ac579771b32a00803840c34ef484c8b7c57d52c7bbfc1d02
- SSDEEP
  
  3072:0iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoflzoxss7:0iLVCIT4WK2z1W+CUHZj4Skq/eao9oC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader