dridex | 9253757daa7561b00f8555068c72d111683148056d32bf4aeb313cd5d3acc085 | Triage

Sharing

General

Target

JaffaCakes118_9253757daa7561b00f8555068c72d111683148056d32bf4aeb313cd5d3acc085
Size

188KB
Sample

241224-dkbsms1jbm
MD5

746fe88bd96d758e9402aabef7d4264b
SHA1

d1c55bc065b151c3e04451e87cf4b86e4b5338fd
SHA256

9253757daa7561b00f8555068c72d111683148056d32bf4aeb313cd5d3acc085
SHA512

e840d725c1a5907e71ade76e26d30559ecf6777871d0f084bef6eee130453e6a54789c9f3174df016fffa873784ca89c62f5e61d2cdccda14eb6becf216ea34c
SSDEEP

3072:yA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoFo:yzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_9253757daa7561b00f8555068c72d111683148056d32bf4aeb313cd5d3acc085
- Size
  
  188KB
- MD5
  
  746fe88bd96d758e9402aabef7d4264b
- SHA1
  
  d1c55bc065b151c3e04451e87cf4b86e4b5338fd
- SHA256
  
  9253757daa7561b00f8555068c72d111683148056d32bf4aeb313cd5d3acc085
- SHA512
  
  e840d725c1a5907e71ade76e26d30559ecf6777871d0f084bef6eee130453e6a54789c9f3174df016fffa873784ca89c62f5e61d2cdccda14eb6becf216ea34c
- SSDEEP
  
  3072:yA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoFo:yzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader