dridex | 51d96ea7c8991afbed66daae8bb5cfa9de5795c43d30dac460c2bcb4dc23a438 | Triage

Sharing

General

Target

JaffaCakes118_51d96ea7c8991afbed66daae8bb5cfa9de5795c43d30dac460c2bcb4dc23a438
Size

184KB
Sample

241224-cj863synaz
MD5

ac90a72aea83b766e385629baf3dc78e
SHA1

a57cb541659488665b5156c21b5e8e66babc933b
SHA256

51d96ea7c8991afbed66daae8bb5cfa9de5795c43d30dac460c2bcb4dc23a438
SHA512

d2b2ac50185904baa6d704c8cc7d3090491107383eac2b0ace963a804baa0693f59020b906fb4a29057ca5c4eeafcd9e7fe39b4aefdc710b9a626beb863b7f94
SSDEEP

3072:ggkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgzdA4l:VPFkq6zOe5ilSanOkd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_51d96ea7c8991afbed66daae8bb5cfa9de5795c43d30dac460c2bcb4dc23a438
- Size
  
  184KB
- MD5
  
  ac90a72aea83b766e385629baf3dc78e
- SHA1
  
  a57cb541659488665b5156c21b5e8e66babc933b
- SHA256
  
  51d96ea7c8991afbed66daae8bb5cfa9de5795c43d30dac460c2bcb4dc23a438
- SHA512
  
  d2b2ac50185904baa6d704c8cc7d3090491107383eac2b0ace963a804baa0693f59020b906fb4a29057ca5c4eeafcd9e7fe39b4aefdc710b9a626beb863b7f94
- SSDEEP
  
  3072:ggkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgzdA4l:VPFkq6zOe5ilSanOkd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader