dridex | 33eb7a917cf68a6ceaacc00e9402c40c9e125c13c70329c3817b9a6b006ec95c | Triage

Sharing

General

Target

JaffaCakes118_33eb7a917cf68a6ceaacc00e9402c40c9e125c13c70329c3817b9a6b006ec95c
Size

184KB
Sample

241222-gflzlawnfm
MD5

82db5f1a9b1c270b90bd67a840e88a83
SHA1

b6bf386489a63416c2ad099528117770a147671c
SHA256

33eb7a917cf68a6ceaacc00e9402c40c9e125c13c70329c3817b9a6b006ec95c
SHA512

b419c23a9694c68a1a8d364ad303c55fc2748f89ea14fb7f417697f89590f3a5c6b56b7770bc4f2483c6a0605bdac5236ec00fffc490543f66562b3e0523f31a
SSDEEP

3072:viLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao4lzoxss7:viLVCIT4WK2z1W+CUHZj4Skq/eaomoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_33eb7a917cf68a6ceaacc00e9402c40c9e125c13c70329c3817b9a6b006ec95c
- Size
  
  184KB
- MD5
  
  82db5f1a9b1c270b90bd67a840e88a83
- SHA1
  
  b6bf386489a63416c2ad099528117770a147671c
- SHA256
  
  33eb7a917cf68a6ceaacc00e9402c40c9e125c13c70329c3817b9a6b006ec95c
- SHA512
  
  b419c23a9694c68a1a8d364ad303c55fc2748f89ea14fb7f417697f89590f3a5c6b56b7770bc4f2483c6a0605bdac5236ec00fffc490543f66562b3e0523f31a
- SSDEEP
  
  3072:viLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao4lzoxss7:viLVCIT4WK2z1W+CUHZj4Skq/eaomoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader