dridex | 830ca2e985498b50d0ff437f094510ca97353a2528ff7f592467dd86ac24fe49 | Triage

Sharing

General

Target

JaffaCakes118_830ca2e985498b50d0ff437f094510ca97353a2528ff7f592467dd86ac24fe49
Size

188KB
Sample

241223-zx5gda1mhx
MD5

cd20ce44a9d6078269bd6124f5abb0dc
SHA1

f70d942b47d4ca7870bae82ecce763b6a3e37e98
SHA256

830ca2e985498b50d0ff437f094510ca97353a2528ff7f592467dd86ac24fe49
SHA512

5cff6c05429bbe9627d902a06bf6d4bc52ac1995c32f8317bb42968db5f728d96ceee46f29fc226ea880226dea1d2cf1ec99d209dea0ac83910f423b73e7695f
SSDEEP

3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoLo:qzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_830ca2e985498b50d0ff437f094510ca97353a2528ff7f592467dd86ac24fe49
- Size
  
  188KB
- MD5
  
  cd20ce44a9d6078269bd6124f5abb0dc
- SHA1
  
  f70d942b47d4ca7870bae82ecce763b6a3e37e98
- SHA256
  
  830ca2e985498b50d0ff437f094510ca97353a2528ff7f592467dd86ac24fe49
- SHA512
  
  5cff6c05429bbe9627d902a06bf6d4bc52ac1995c32f8317bb42968db5f728d96ceee46f29fc226ea880226dea1d2cf1ec99d209dea0ac83910f423b73e7695f
- SSDEEP
  
  3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoLo:qzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader