dridex | edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...98.dll

windows7-x64

JaffaCakes...98.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898
Size

184KB
Sample

241223-xyyn4sykat
MD5

2e8a6d56f8ac7b2e5a3b9e132a38a197
SHA1

73d0355777e8b47f73d6228ee4b96c6f3a3906a9
SHA256

edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898
SHA512

9ed5c0525e18cf9ebd16393911080a05005e3fd71bfae65622d846abe312040a25bf495ec062ac2a085c3078caa23cc04946e9cbee1aff4d39f28eaf9f8a4725
SSDEEP

3072:dJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JEa//2uFrSc:mfYOX+wTScR/Xzku9LVw3uG

Score

10^/10

dridex 22201 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898.dll

Resource

win7-20240903-en

dridex 22201 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898.dll

Resource

win10v2004-20241007-en

dridex 22201 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898
- Size
  
  184KB
- MD5
  
  2e8a6d56f8ac7b2e5a3b9e132a38a197
- SHA1
  
  73d0355777e8b47f73d6228ee4b96c6f3a3906a9
- SHA256
  
  edd432304e66bc4e184af5492343bfe063143ead18355409c8a2e165c019c898
- SHA512
  
  9ed5c0525e18cf9ebd16393911080a05005e3fd71bfae65622d846abe312040a25bf495ec062ac2a085c3078caa23cc04946e9cbee1aff4d39f28eaf9f8a4725
- SSDEEP
  
  3072:dJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JEa//2uFrSc:mfYOX+wTScR/Xzku9LVw3uG
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader

© 2018-2025

Terms | Privacy