dridex | a337fc9cda021b86405b5ef1dbe46f2ed88b9f43083702e1dff20b2b3fa529d9 | Triage

Sharing

General

Target

JaffaCakes118_a337fc9cda021b86405b5ef1dbe46f2ed88b9f43083702e1dff20b2b3fa529d9
Size

177KB
Sample

241224-akb7mawnfj
MD5

a745ca21acc73a70721ebeb2aa49e23c
SHA1

a7e589839a8762ff1226ffe1d1ef2be32a2f433f
SHA256

a337fc9cda021b86405b5ef1dbe46f2ed88b9f43083702e1dff20b2b3fa529d9
SHA512

57552e9289d26fe6497804c8db15b33b5f5cd2293839ec875b67d5eb1058c96fb20c04dcb0afa2f272fd062c921eff73a2496f29cc70430d8c99ed97dd4d8309
SSDEEP

3072:KoNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SurKI6bl/g:FaIzLgKrjbvUAjERycp6c8qgATA2TQUr

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.79.91.89:9987

157.245.231.228:6051

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_a337fc9cda021b86405b5ef1dbe46f2ed88b9f43083702e1dff20b2b3fa529d9
- Size
  
  177KB
- MD5
  
  a745ca21acc73a70721ebeb2aa49e23c
- SHA1
  
  a7e589839a8762ff1226ffe1d1ef2be32a2f433f
- SHA256
  
  a337fc9cda021b86405b5ef1dbe46f2ed88b9f43083702e1dff20b2b3fa529d9
- SHA512
  
  57552e9289d26fe6497804c8db15b33b5f5cd2293839ec875b67d5eb1058c96fb20c04dcb0afa2f272fd062c921eff73a2496f29cc70430d8c99ed97dd4d8309
- SSDEEP
  
  3072:KoNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SurKI6bl/g:FaIzLgKrjbvUAjERycp6c8qgATA2TQUr
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader