dridex | 79e6632317e4da9d1b7620ace493f5f68c6e50412eae74f3ad99f38073dcf769 | Triage

Sharing

General

Target

JaffaCakes118_79e6632317e4da9d1b7620ace493f5f68c6e50412eae74f3ad99f38073dcf769
Size

184KB
Sample

241223-19pr5atlhl
MD5

3712990adf10f5ab5c8bb38ea6c0b60a
SHA1

4d739e16e274d7849e6d0665ab9e13c20a14dc83
SHA256

79e6632317e4da9d1b7620ace493f5f68c6e50412eae74f3ad99f38073dcf769
SHA512

6270d6ad094761caab537a2a940e612ba0e5be162654d2124c3249737996c4abbd33b31dc3127366e8557df7e08b1bdb496f564d422772778d7b9f2425632a96
SSDEEP

3072:AiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaovlzoxss7:AiLVCIT4WK2z1W+CUHZj4Skq/eaotoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_79e6632317e4da9d1b7620ace493f5f68c6e50412eae74f3ad99f38073dcf769
- Size
  
  184KB
- MD5
  
  3712990adf10f5ab5c8bb38ea6c0b60a
- SHA1
  
  4d739e16e274d7849e6d0665ab9e13c20a14dc83
- SHA256
  
  79e6632317e4da9d1b7620ace493f5f68c6e50412eae74f3ad99f38073dcf769
- SHA512
  
  6270d6ad094761caab537a2a940e612ba0e5be162654d2124c3249737996c4abbd33b31dc3127366e8557df7e08b1bdb496f564d422772778d7b9f2425632a96
- SSDEEP
  
  3072:AiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaovlzoxss7:AiLVCIT4WK2z1W+CUHZj4Skq/eaotoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader