dridex | 72ad73db250de546717eb644fd29966faba8761e1a5f9365503ae0cf65de0688 | Triage

Sharing

General

Target

JaffaCakes118_72ad73db250de546717eb644fd29966faba8761e1a5f9365503ae0cf65de0688
Size

166KB
Sample

241223-t7wz4avpal
MD5

70dd883693886ea7fe09751c924693dd
SHA1

91e678685a3a3db118efa2d296aa471148106d14
SHA256

72ad73db250de546717eb644fd29966faba8761e1a5f9365503ae0cf65de0688
SHA512

218cee809572e89dd9bcba01ad93a6c67a49f3d903106635a16251ba625ea92aa36f2098cc353d9e562c97bd33e12529847a7a4cb3eb92c423d96150e66f0a65
SSDEEP

3072:RuFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:R0czbty9uiaJlHE

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_72ad73db250de546717eb644fd29966faba8761e1a5f9365503ae0cf65de0688
- Size
  
  166KB
- MD5
  
  70dd883693886ea7fe09751c924693dd
- SHA1
  
  91e678685a3a3db118efa2d296aa471148106d14
- SHA256
  
  72ad73db250de546717eb644fd29966faba8761e1a5f9365503ae0cf65de0688
- SHA512
  
  218cee809572e89dd9bcba01ad93a6c67a49f3d903106635a16251ba625ea92aa36f2098cc353d9e562c97bd33e12529847a7a4cb3eb92c423d96150e66f0a65
- SSDEEP
  
  3072:RuFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:R0czbty9uiaJlHE
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader