dridex | 135344ac60d695539097ed430da7d6c01dfaaf21d042f0ae291e992d4e2970b5 | Triage

Sharing

General

Target

JaffaCakes118_135344ac60d695539097ed430da7d6c01dfaaf21d042f0ae291e992d4e2970b5
Size

188KB
Sample

241223-2k1c1atmcv
MD5

8989eacec5f33eb10cf505c3cf3cbd8e
SHA1

faf2ecb8947eca04b382a05139f677d5ed9b3df6
SHA256

135344ac60d695539097ed430da7d6c01dfaaf21d042f0ae291e992d4e2970b5
SHA512

e154b98f9d07d2ccd9db4cc2bae149ff062947e1099ee36e29765bbd44b760cc3adf5bb5c75f2c4e04cdb8f58b7fe6a28ba8ff43979ca3f02a1958973ed97dd1
SSDEEP

3072:bA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo0o:bzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_135344ac60d695539097ed430da7d6c01dfaaf21d042f0ae291e992d4e2970b5
- Size
  
  188KB
- MD5
  
  8989eacec5f33eb10cf505c3cf3cbd8e
- SHA1
  
  faf2ecb8947eca04b382a05139f677d5ed9b3df6
- SHA256
  
  135344ac60d695539097ed430da7d6c01dfaaf21d042f0ae291e992d4e2970b5
- SHA512
  
  e154b98f9d07d2ccd9db4cc2bae149ff062947e1099ee36e29765bbd44b760cc3adf5bb5c75f2c4e04cdb8f58b7fe6a28ba8ff43979ca3f02a1958973ed97dd1
- SSDEEP
  
  3072:bA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo0o:bzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader