dridex | c55825153ac988b77cb170f272e90228021d0f81f3e8840227e17f8d18fbb31a | Triage

Sharing

General

Target

JaffaCakes118_c55825153ac988b77cb170f272e90228021d0f81f3e8840227e17f8d18fbb31a
Size

188KB
Sample

241223-ygfmmsyqfp
MD5

5502537a054c6eb6e568768c3e4eafed
SHA1

37d3237fb308cdb067001ad3985276db93f5e684
SHA256

c55825153ac988b77cb170f272e90228021d0f81f3e8840227e17f8d18fbb31a
SHA512

c1996b8e87748ad81613a7c992bc09c197d2e4e5fa47a515473df8fadb79e77814d6344b3cb97e69aad67959b39ccbd9ef1b330652eedc10a5a5df1a3c6f36ab
SSDEEP

3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo1o:pzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_c55825153ac988b77cb170f272e90228021d0f81f3e8840227e17f8d18fbb31a
- Size
  
  188KB
- MD5
  
  5502537a054c6eb6e568768c3e4eafed
- SHA1
  
  37d3237fb308cdb067001ad3985276db93f5e684
- SHA256
  
  c55825153ac988b77cb170f272e90228021d0f81f3e8840227e17f8d18fbb31a
- SHA512
  
  c1996b8e87748ad81613a7c992bc09c197d2e4e5fa47a515473df8fadb79e77814d6344b3cb97e69aad67959b39ccbd9ef1b330652eedc10a5a5df1a3c6f36ab
- SSDEEP
  
  3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo1o:pzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader