dridex | 2e7f417547b0498a65e46d72ca1a83ede4eb5400c5a4ab198ccab6abee1b7b20 | Triage

Sharing

General

Target

JaffaCakes118_2e7f417547b0498a65e46d72ca1a83ede4eb5400c5a4ab198ccab6abee1b7b20
Size

188KB
Sample

241223-2yy24avjgk
MD5

262df1460eca1f4e1ac9b5734f421cc4
SHA1

20b2f0c2af8e3c8e160caa33f9c89b248c7f9381
SHA256

2e7f417547b0498a65e46d72ca1a83ede4eb5400c5a4ab198ccab6abee1b7b20
SHA512

27ff5e16ab8ac75fb438cdee4e79f6aeb188dee34a5a524d4c26f47116d6c07f5b3ab00e6341689f76aa463cc7d2ab353e0124ceb602036cf377d92ca9e98067
SSDEEP

3072:YA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoZo:YzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_2e7f417547b0498a65e46d72ca1a83ede4eb5400c5a4ab198ccab6abee1b7b20
- Size
  
  188KB
- MD5
  
  262df1460eca1f4e1ac9b5734f421cc4
- SHA1
  
  20b2f0c2af8e3c8e160caa33f9c89b248c7f9381
- SHA256
  
  2e7f417547b0498a65e46d72ca1a83ede4eb5400c5a4ab198ccab6abee1b7b20
- SHA512
  
  27ff5e16ab8ac75fb438cdee4e79f6aeb188dee34a5a524d4c26f47116d6c07f5b3ab00e6341689f76aa463cc7d2ab353e0124ceb602036cf377d92ca9e98067
- SSDEEP
  
  3072:YA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoZo:YzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader