dridex | 414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...9e.dll

windows7-x64

JaffaCakes...9e.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e
Size

184KB
Sample

241224-cm348synf1
MD5

da089a070ae9fa358d29a40e2993b591
SHA1

6882c62a6a80fad5b2f89b8a7d49642cbfe7f8a4
SHA256

414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e
SHA512

b8d935a3d9fe2f8d7f15d6c7df9bd10fa01394f1ecf417369a3fec0f0082b7844bfdc10163a17f36c7ffd1be076f1a083853c0f6b4beff54b586a2555b91ed44
SSDEEP

3072:eJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jba//2uFrSc:nfYOX+wTScR/Xzku9LVwYuG

Score

10^/10

dridex 22201 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e.dll

Resource

win7-20241010-en

dridex 22201 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e.dll

Resource

win10v2004-20241007-en

dridex 22201 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e
- Size
  
  184KB
- MD5
  
  da089a070ae9fa358d29a40e2993b591
- SHA1
  
  6882c62a6a80fad5b2f89b8a7d49642cbfe7f8a4
- SHA256
  
  414187672ca5bde93b8a5b1b38c01f90fec42a6d7017d51dc5e13a17b002de9e
- SHA512
  
  b8d935a3d9fe2f8d7f15d6c7df9bd10fa01394f1ecf417369a3fec0f0082b7844bfdc10163a17f36c7ffd1be076f1a083853c0f6b4beff54b586a2555b91ed44
- SSDEEP
  
  3072:eJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jba//2uFrSc:nfYOX+wTScR/Xzku9LVwYuG
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader

© 2018-2025

Terms | Privacy