dridex | 4e44dc983bf4ac2606de82c5232dc5851bc8e98830aee1ecb3f384a46f01391d | Triage

Sharing

General

Target

JaffaCakes118_4e44dc983bf4ac2606de82c5232dc5851bc8e98830aee1ecb3f384a46f01391d
Size

188KB
Sample

241223-3wl57awjhj
MD5

e77df0b780ec6540993792ec103c6ff2
SHA1

06954030b9db84678178635ca74ecfcc3c72c2c0
SHA256

4e44dc983bf4ac2606de82c5232dc5851bc8e98830aee1ecb3f384a46f01391d
SHA512

f71817f6a5166c8bdd8ffa5e061c6acd9349236b4efa7dc1e65a4fb0b37a16f432cd77642092abff84dce11cf441d6033b8abbaeea2ab947ceaaf72eb4476145
SSDEEP

3072:VA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAolo:VzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_4e44dc983bf4ac2606de82c5232dc5851bc8e98830aee1ecb3f384a46f01391d
- Size
  
  188KB
- MD5
  
  e77df0b780ec6540993792ec103c6ff2
- SHA1
  
  06954030b9db84678178635ca74ecfcc3c72c2c0
- SHA256
  
  4e44dc983bf4ac2606de82c5232dc5851bc8e98830aee1ecb3f384a46f01391d
- SHA512
  
  f71817f6a5166c8bdd8ffa5e061c6acd9349236b4efa7dc1e65a4fb0b37a16f432cd77642092abff84dce11cf441d6033b8abbaeea2ab947ceaaf72eb4476145
- SSDEEP
  
  3072:VA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAolo:VzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader