dridex | 318deb54510946b9997c9f71f3ee84f4ab4274c690b1500e4403c4e001f1a3ed | Triage

Sharing

General

Target

JaffaCakes118_318deb54510946b9997c9f71f3ee84f4ab4274c690b1500e4403c4e001f1a3ed
Size

184KB
Sample

241224-3n8n8a1lhl
MD5

e567eb8b3fe59a6875661991005026b1
SHA1

c0f7790f1ef9b9ae493ca76d7c0b1982a9554f2c
SHA256

318deb54510946b9997c9f71f3ee84f4ab4274c690b1500e4403c4e001f1a3ed
SHA512

0386589671cfe32dfc873afaab81548080f9563054b58a88715c34ebb206ddfd4d8ec66e3737a6b22bea18221b576568f3acb02fb87ff2d2436c03b3ccb4d561
SSDEEP

3072:eiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoOlzoxss7:eiLVCIT4WK2z1W+CUHZj4Skq/eaoMoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_318deb54510946b9997c9f71f3ee84f4ab4274c690b1500e4403c4e001f1a3ed
- Size
  
  184KB
- MD5
  
  e567eb8b3fe59a6875661991005026b1
- SHA1
  
  c0f7790f1ef9b9ae493ca76d7c0b1982a9554f2c
- SHA256
  
  318deb54510946b9997c9f71f3ee84f4ab4274c690b1500e4403c4e001f1a3ed
- SHA512
  
  0386589671cfe32dfc873afaab81548080f9563054b58a88715c34ebb206ddfd4d8ec66e3737a6b22bea18221b576568f3acb02fb87ff2d2436c03b3ccb4d561
- SSDEEP
  
  3072:eiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoOlzoxss7:eiLVCIT4WK2z1W+CUHZj4Skq/eaoMoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader