dridex | c118584d6bb71728eb40a95fbc76d534e223a32cfe88660162c921c5b4129637 | Triage

Sharing

General

Target

JaffaCakes118_c118584d6bb71728eb40a95fbc76d534e223a32cfe88660162c921c5b4129637
Size

170KB
Sample

241224-c2a21azjev
MD5

7ab91d91ef20787dfaa0f6be98663ae8
SHA1

38ffa85c9d450637837207828ff7756e83099964
SHA256

c118584d6bb71728eb40a95fbc76d534e223a32cfe88660162c921c5b4129637
SHA512

1147ba063de5493b0d3b4fc53c1fb59b4b549f1743e1e4fac90edb3a21ba84b152ce8ab8bdbea195847c597c835ff078873b5165687975ccb59df67f7ac255a1
SSDEEP

3072:PV/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:PV/jTe38LiI4Oi75izyn+4lm

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_c118584d6bb71728eb40a95fbc76d534e223a32cfe88660162c921c5b4129637
- Size
  
  170KB
- MD5
  
  7ab91d91ef20787dfaa0f6be98663ae8
- SHA1
  
  38ffa85c9d450637837207828ff7756e83099964
- SHA256
  
  c118584d6bb71728eb40a95fbc76d534e223a32cfe88660162c921c5b4129637
- SHA512
  
  1147ba063de5493b0d3b4fc53c1fb59b4b549f1743e1e4fac90edb3a21ba84b152ce8ab8bdbea195847c597c835ff078873b5165687975ccb59df67f7ac255a1
- SSDEEP
  
  3072:PV/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:PV/jTe38LiI4Oi75izyn+4lm
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader