dridex | fd152c039607116f805856e0997951bc97992a37a91d7f84f0467f0cad9c0924 | Triage

Sharing

General

Target

JaffaCakes118_fd152c039607116f805856e0997951bc97992a37a91d7f84f0467f0cad9c0924
Size

184KB
Sample

241224-275k8szpa1
MD5

03226cf64980ac1d4b00b24f5d1daae0
SHA1

73b7af2f7cb152aa0b780ab9a706578faec73986
SHA256

fd152c039607116f805856e0997951bc97992a37a91d7f84f0467f0cad9c0924
SHA512

6b3a278307848b6ec96a20426cdf59d103b7a80ccad49527f772a975986ba2d909e1d54a7c1a9e9e98dcf78a9086ba6f9c0e4016e07ed8b2b2ced29a4cbb7bc1
SSDEEP

3072:niLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao7lzoxss7:niLVCIT4WK2z1W+CUHZj4Skq/eaoBoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_fd152c039607116f805856e0997951bc97992a37a91d7f84f0467f0cad9c0924
- Size
  
  184KB
- MD5
  
  03226cf64980ac1d4b00b24f5d1daae0
- SHA1
  
  73b7af2f7cb152aa0b780ab9a706578faec73986
- SHA256
  
  fd152c039607116f805856e0997951bc97992a37a91d7f84f0467f0cad9c0924
- SHA512
  
  6b3a278307848b6ec96a20426cdf59d103b7a80ccad49527f772a975986ba2d909e1d54a7c1a9e9e98dcf78a9086ba6f9c0e4016e07ed8b2b2ced29a4cbb7bc1
- SSDEEP
  
  3072:niLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao7lzoxss7:niLVCIT4WK2z1W+CUHZj4Skq/eaoBoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader