dridex | 6352835799a3c2cf835b422c003d27f20ad6fabeba08e147491af49c5de6c0c5 | Triage

Sharing

General

Target

JaffaCakes118_6352835799a3c2cf835b422c003d27f20ad6fabeba08e147491af49c5de6c0c5
Size

184KB
Sample

241223-w54m9sxld1
MD5

64dca79430e60d5d8aa5f4d947ff2c8b
SHA1

fb926dd6a4dedd0e9740bfbbe84fc8e8953518ab
SHA256

6352835799a3c2cf835b422c003d27f20ad6fabeba08e147491af49c5de6c0c5
SHA512

115af1447da0cc70e91a55a38bcab1a104138b0b6ea6d70e1ff78a2fa4d200a1a430db81f85cace3a1c900d02845700d74b9f47e1ffc5d4b410dc83a3026864c
SSDEEP

3072:aiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao5lzoxss7:aiLVCIT4WK2z1W+CUHZj4Skq/eaonoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_6352835799a3c2cf835b422c003d27f20ad6fabeba08e147491af49c5de6c0c5
- Size
  
  184KB
- MD5
  
  64dca79430e60d5d8aa5f4d947ff2c8b
- SHA1
  
  fb926dd6a4dedd0e9740bfbbe84fc8e8953518ab
- SHA256
  
  6352835799a3c2cf835b422c003d27f20ad6fabeba08e147491af49c5de6c0c5
- SHA512
  
  115af1447da0cc70e91a55a38bcab1a104138b0b6ea6d70e1ff78a2fa4d200a1a430db81f85cace3a1c900d02845700d74b9f47e1ffc5d4b410dc83a3026864c
- SSDEEP
  
  3072:aiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao5lzoxss7:aiLVCIT4WK2z1W+CUHZj4Skq/eaonoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader