dridex | bf568c024073dbe8d2f2119ed547d62d460c5886e4574466afc948612fe853e1 | Triage

Sharing

General

Target

JaffaCakes118_bf568c024073dbe8d2f2119ed547d62d460c5886e4574466afc948612fe853e1
Size

188KB
Sample

241223-web6bswpdk
MD5

39343dac6568468cceb321e3ae50caca
SHA1

4525bc959c52c5ec78d7284d483926d82a1c60f5
SHA256

bf568c024073dbe8d2f2119ed547d62d460c5886e4574466afc948612fe853e1
SHA512

3e85af0279fb8006e743f1a678e72112d4633412272038ec5d0e92dee5aa4793ac3fb138ac32b20c7d45f7fdc8f68a1fa827a468f5f73da539952993d2cd15ea
SSDEEP

3072:TA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoNo:TzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_bf568c024073dbe8d2f2119ed547d62d460c5886e4574466afc948612fe853e1
- Size
  
  188KB
- MD5
  
  39343dac6568468cceb321e3ae50caca
- SHA1
  
  4525bc959c52c5ec78d7284d483926d82a1c60f5
- SHA256
  
  bf568c024073dbe8d2f2119ed547d62d460c5886e4574466afc948612fe853e1
- SHA512
  
  3e85af0279fb8006e743f1a678e72112d4633412272038ec5d0e92dee5aa4793ac3fb138ac32b20c7d45f7fdc8f68a1fa827a468f5f73da539952993d2cd15ea
- SSDEEP
  
  3072:TA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoNo:TzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader