dridex | 543b6dae0cce8459ce13471134b32f696c8f99f1a8bf9d40cee26b8315a52ffb | Triage

Sharing

General

Target

JaffaCakes118_543b6dae0cce8459ce13471134b32f696c8f99f1a8bf9d40cee26b8315a52ffb
Size

188KB
Sample

241224-bqvftsxnht
MD5

8180522ae42da71f83a4b269a8dba144
SHA1

5564b348ac47c7b4af6d6f534554c86e735affaa
SHA256

543b6dae0cce8459ce13471134b32f696c8f99f1a8bf9d40cee26b8315a52ffb
SHA512

8e2f0d0c5c5957e003925c7bb16955711cce07e1b0158481633d36d376687161990af88d8e56c6b869e66ab1549f49d6bfdf0acafa5badaef0b2cbc0091caab9
SSDEEP

3072:nA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:nzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_543b6dae0cce8459ce13471134b32f696c8f99f1a8bf9d40cee26b8315a52ffb
- Size
  
  188KB
- MD5
  
  8180522ae42da71f83a4b269a8dba144
- SHA1
  
  5564b348ac47c7b4af6d6f534554c86e735affaa
- SHA256
  
  543b6dae0cce8459ce13471134b32f696c8f99f1a8bf9d40cee26b8315a52ffb
- SHA512
  
  8e2f0d0c5c5957e003925c7bb16955711cce07e1b0158481633d36d376687161990af88d8e56c6b869e66ab1549f49d6bfdf0acafa5badaef0b2cbc0091caab9
- SSDEEP
  
  3072:nA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:nzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader