dridex | cdf03b1bbf21fa5cec4fc5ac464de48244385186067d5fa1ff2b8c1475fdb7fa | Triage

Sharing

General

Target

JaffaCakes118_cdf03b1bbf21fa5cec4fc5ac464de48244385186067d5fa1ff2b8c1475fdb7fa
Size

161KB
Sample

241223-wgsk4awpf1
MD5

17de0224a7b4ac42d572f4285dafbc03
SHA1

8365ad82d5caebbc96b17dd02a0ba7ff284023f4
SHA256

cdf03b1bbf21fa5cec4fc5ac464de48244385186067d5fa1ff2b8c1475fdb7fa
SHA512

0ab886b673d562fcaf777febc210bcc2b7507d49021ac23a6051576c716b72d8125bd843387f879188392436112859dba2269b4dcfc7267faa3d8aef6b1fb668
SSDEEP

3072:Zb63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUSCx3:5a/jkvhSlP/7bg8aFnA3brA

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_cdf03b1bbf21fa5cec4fc5ac464de48244385186067d5fa1ff2b8c1475fdb7fa
- Size
  
  161KB
- MD5
  
  17de0224a7b4ac42d572f4285dafbc03
- SHA1
  
  8365ad82d5caebbc96b17dd02a0ba7ff284023f4
- SHA256
  
  cdf03b1bbf21fa5cec4fc5ac464de48244385186067d5fa1ff2b8c1475fdb7fa
- SHA512
  
  0ab886b673d562fcaf777febc210bcc2b7507d49021ac23a6051576c716b72d8125bd843387f879188392436112859dba2269b4dcfc7267faa3d8aef6b1fb668
- SSDEEP
  
  3072:Zb63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUSCx3:5a/jkvhSlP/7bg8aFnA3brA
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader