dridex | a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c | Triage

Sharing

General

Target

JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
Size

170KB
Sample

241223-xhydeaxpc1
MD5

422ab2b5904ec6ef7d647f5962555f37
SHA1

88b3a90fc6692631e17f0d02b78caf8f80ae5449
SHA256

a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
SHA512

c3b21031cca2009765a96407d885b805c0f2027b73065a93c46af106942c19292fc82fd1608f4085e28a243cbe443d9a29f9846294a1ebf784cbce4d7c208c93
SSDEEP

3072:3V/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:3V/jTe38LiI4Oi75izyn+4lm

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
- Size
  
  170KB
- MD5
  
  422ab2b5904ec6ef7d647f5962555f37
- SHA1
  
  88b3a90fc6692631e17f0d02b78caf8f80ae5449
- SHA256
  
  a574f78137fe24d84ab543d0847985812e37ed2e74b8b57c70da962031ed388c
- SHA512
  
  c3b21031cca2009765a96407d885b805c0f2027b73065a93c46af106942c19292fc82fd1608f4085e28a243cbe443d9a29f9846294a1ebf784cbce4d7c208c93
- SSDEEP
  
  3072:3V/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:3V/jTe38LiI4Oi75izyn+4lm
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader