dridex | a9d684cb19ffcd7f5829dd6da1e551aa3c900ecbecf2ea184c30bdeaa3698c87 | Triage

Sharing

General

Target

JaffaCakes118_a9d684cb19ffcd7f5829dd6da1e551aa3c900ecbecf2ea184c30bdeaa3698c87
Size

188KB
Sample

241224-dhlvtszrer
MD5

209d038a73050f7fb1bfe770ef1ca8ab
SHA1

54145fa545f13c4dd3b119b0bae465c38d3e532b
SHA256

a9d684cb19ffcd7f5829dd6da1e551aa3c900ecbecf2ea184c30bdeaa3698c87
SHA512

4bc5146317b90777457bbf0127bd209cede796bf7fa6f8f28e5e1f05d7c28af620940fb46147baa5ea17a2a0e5c1a5d141ac005d56b5e13237c117c224e4c079
SSDEEP

3072:AA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAogo:AzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_a9d684cb19ffcd7f5829dd6da1e551aa3c900ecbecf2ea184c30bdeaa3698c87
- Size
  
  188KB
- MD5
  
  209d038a73050f7fb1bfe770ef1ca8ab
- SHA1
  
  54145fa545f13c4dd3b119b0bae465c38d3e532b
- SHA256
  
  a9d684cb19ffcd7f5829dd6da1e551aa3c900ecbecf2ea184c30bdeaa3698c87
- SHA512
  
  4bc5146317b90777457bbf0127bd209cede796bf7fa6f8f28e5e1f05d7c28af620940fb46147baa5ea17a2a0e5c1a5d141ac005d56b5e13237c117c224e4c079
- SSDEEP
  
  3072:AA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAogo:AzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader