dridex | 523402560a8bafd6cfbba61293ffe2db221353ad3c73e15ddf394a7bc9ff0054 | Triage

Sharing

General

Target

JaffaCakes118_523402560a8bafd6cfbba61293ffe2db221353ad3c73e15ddf394a7bc9ff0054
Size

184KB
Sample

241223-3tapdawjcq
MD5

774983314bda3a485aceaf745df99fc2
SHA1

7ae9f1c718cf8eb5617abd8eda14fd03d3efffb3
SHA256

523402560a8bafd6cfbba61293ffe2db221353ad3c73e15ddf394a7bc9ff0054
SHA512

d97c2c05451bcd223d20625bca4f9d8bd6c582b549394ba0c29aaf8e80cfc177922d48ccd4c89c6f943bdf88825a7f78dbc3aed0e6e9b07df8d66a555897177c
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_523402560a8bafd6cfbba61293ffe2db221353ad3c73e15ddf394a7bc9ff0054
- Size
  
  184KB
- MD5
  
  774983314bda3a485aceaf745df99fc2
- SHA1
  
  7ae9f1c718cf8eb5617abd8eda14fd03d3efffb3
- SHA256
  
  523402560a8bafd6cfbba61293ffe2db221353ad3c73e15ddf394a7bc9ff0054
- SHA512
  
  d97c2c05451bcd223d20625bca4f9d8bd6c582b549394ba0c29aaf8e80cfc177922d48ccd4c89c6f943bdf88825a7f78dbc3aed0e6e9b07df8d66a555897177c
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoSoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader