dridex | 2c5d2852a43e2cae331454b51556bce3eae86fe3ce365be64042a0170ebdb686 | Triage

Sharing

General

Target

JaffaCakes118_2c5d2852a43e2cae331454b51556bce3eae86fe3ce365be64042a0170ebdb686
Size

166KB
Sample

241222-n6xmcaxla1
MD5

89f78543a603c097cc362949066babd6
SHA1

15e7405442651447e0b249f829f8ecaad997b647
SHA256

2c5d2852a43e2cae331454b51556bce3eae86fe3ce365be64042a0170ebdb686
SHA512

69c50c21dcdf100f1707ded9efc1626833cfd97aa6da959fc477a863f8dab11f9f42807e025a827d5431f5c69dce8db6e07a4066256f11dbed996d2a35edda58
SSDEEP

3072:1uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+3l:10czbty9uiaJlCl

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_2c5d2852a43e2cae331454b51556bce3eae86fe3ce365be64042a0170ebdb686
- Size
  
  166KB
- MD5
  
  89f78543a603c097cc362949066babd6
- SHA1
  
  15e7405442651447e0b249f829f8ecaad997b647
- SHA256
  
  2c5d2852a43e2cae331454b51556bce3eae86fe3ce365be64042a0170ebdb686
- SHA512
  
  69c50c21dcdf100f1707ded9efc1626833cfd97aa6da959fc477a863f8dab11f9f42807e025a827d5431f5c69dce8db6e07a4066256f11dbed996d2a35edda58
- SSDEEP
  
  3072:1uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+3l:10czbty9uiaJlCl
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader