dridex | b6df34c325389cbe6e30157c90d0172bfa8f2c5890af97b439748441bef78b59 | Triage

Sharing

General

Target

JaffaCakes118_b6df34c325389cbe6e30157c90d0172bfa8f2c5890af97b439748441bef78b59
Size

170KB
Sample

241223-3wkmcsvqfs
MD5

fa9c8c845229188b22c0018f8cb1d4dc
SHA1

be53dafa5f455c75ebaeafdda6c584e39d8d5584
SHA256

b6df34c325389cbe6e30157c90d0172bfa8f2c5890af97b439748441bef78b59
SHA512

b76ce647969afd99b65628e5ba0594a5e651a67a0c8b44162b62a9b5001426239512db87f6f26d95ee349449bab3560d54aff7f59b1afbc75288ab0d9107950e
SSDEEP

3072:DV/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:DV/jTe38LiI4Oi75izyn+4lm

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_b6df34c325389cbe6e30157c90d0172bfa8f2c5890af97b439748441bef78b59
- Size
  
  170KB
- MD5
  
  fa9c8c845229188b22c0018f8cb1d4dc
- SHA1
  
  be53dafa5f455c75ebaeafdda6c584e39d8d5584
- SHA256
  
  b6df34c325389cbe6e30157c90d0172bfa8f2c5890af97b439748441bef78b59
- SHA512
  
  b76ce647969afd99b65628e5ba0594a5e651a67a0c8b44162b62a9b5001426239512db87f6f26d95ee349449bab3560d54aff7f59b1afbc75288ab0d9107950e
- SSDEEP
  
  3072:DV/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:DV/jTe38LiI4Oi75izyn+4lm
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader