dridex | 67f038871a1101b39f95b3c25cef33229c854fd77e92f59ee07fd30917c6e56d | Triage

Sharing

General

Target

JaffaCakes118_67f038871a1101b39f95b3c25cef33229c854fd77e92f59ee07fd30917c6e56d
Size

184KB
Sample

241222-lg563stjbr
MD5

397e7fba9889b6594a796f1b8708bd84
SHA1

f7d17bc492def46f82256f27b59ab2ab511f1601
SHA256

67f038871a1101b39f95b3c25cef33229c854fd77e92f59ee07fd30917c6e56d
SHA512

22fef4be635870cb1d1167d06cba3b6ad4ebe87c0e65e9837546dc862377a51ded96d7363b189930e6f6df91c88cc9282d285727fff8381bdd8311ff789dd5eb
SSDEEP

3072:8iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoalzoxss7:8iLVCIT4WK2z1W+CUHZj4Skq/eaowoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_67f038871a1101b39f95b3c25cef33229c854fd77e92f59ee07fd30917c6e56d
- Size
  
  184KB
- MD5
  
  397e7fba9889b6594a796f1b8708bd84
- SHA1
  
  f7d17bc492def46f82256f27b59ab2ab511f1601
- SHA256
  
  67f038871a1101b39f95b3c25cef33229c854fd77e92f59ee07fd30917c6e56d
- SHA512
  
  22fef4be635870cb1d1167d06cba3b6ad4ebe87c0e65e9837546dc862377a51ded96d7363b189930e6f6df91c88cc9282d285727fff8381bdd8311ff789dd5eb
- SSDEEP
  
  3072:8iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoalzoxss7:8iLVCIT4WK2z1W+CUHZj4Skq/eaowoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader