dridex | 53e7e9e92d75ffc0365d14401c2ed9b52fc5bc41b9abe6ac93e515056c3ac865 | Triage

Sharing

General

Target

JaffaCakes118_53e7e9e92d75ffc0365d14401c2ed9b52fc5bc41b9abe6ac93e515056c3ac865
Size

188KB
Sample

241223-1q8e5asmgz
MD5

06dcfbc0c0523cd15ff2f6d1e4f1b027
SHA1

90b0750761c1f09ded569658b4a05f3c40bc16e0
SHA256

53e7e9e92d75ffc0365d14401c2ed9b52fc5bc41b9abe6ac93e515056c3ac865
SHA512

01aa4e2c40f532a8935dcbbae08c49beed723488a7f6446340a7a056ce02ee86b4b67c555004eb369494b7cbb01a7413f1eeff7c927a8de5c4a38a29f08b7487
SSDEEP

3072:wA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoMo:wzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_53e7e9e92d75ffc0365d14401c2ed9b52fc5bc41b9abe6ac93e515056c3ac865
- Size
  
  188KB
- MD5
  
  06dcfbc0c0523cd15ff2f6d1e4f1b027
- SHA1
  
  90b0750761c1f09ded569658b4a05f3c40bc16e0
- SHA256
  
  53e7e9e92d75ffc0365d14401c2ed9b52fc5bc41b9abe6ac93e515056c3ac865
- SHA512
  
  01aa4e2c40f532a8935dcbbae08c49beed723488a7f6446340a7a056ce02ee86b4b67c555004eb369494b7cbb01a7413f1eeff7c927a8de5c4a38a29f08b7487
- SSDEEP
  
  3072:wA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoMo:wzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader