dridex | 442a857c4f3a1c89f424d5f5414dfb0afde8de9895bdbfee2fe67652d4a8d713 | Triage

Sharing

General

Target

JaffaCakes118_442a857c4f3a1c89f424d5f5414dfb0afde8de9895bdbfee2fe67652d4a8d713
Size

162KB
Sample

241224-dz3jxa1mdn
MD5

19ba04c1b499e97be65593784e44cc33
SHA1

72568012fb30ec3617dc3c3f16cc8a41d6897bba
SHA256

442a857c4f3a1c89f424d5f5414dfb0afde8de9895bdbfee2fe67652d4a8d713
SHA512

dabd2cb9c79651a5479943188e51e1043600d881e9daa2a36808a0861d0cc7e8aa52d18281ce23591b6d6f5774fbf7218cdf3079f0c9a8332d762df182bea94d
SSDEEP

3072:i/FbrEzD9N+RiMB00c9/74DXE+JgaV7IPx+e6O/pPtaL02:gbrE1kvcB74DXZ2MelZ2

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_442a857c4f3a1c89f424d5f5414dfb0afde8de9895bdbfee2fe67652d4a8d713
- Size
  
  162KB
- MD5
  
  19ba04c1b499e97be65593784e44cc33
- SHA1
  
  72568012fb30ec3617dc3c3f16cc8a41d6897bba
- SHA256
  
  442a857c4f3a1c89f424d5f5414dfb0afde8de9895bdbfee2fe67652d4a8d713
- SHA512
  
  dabd2cb9c79651a5479943188e51e1043600d881e9daa2a36808a0861d0cc7e8aa52d18281ce23591b6d6f5774fbf7218cdf3079f0c9a8332d762df182bea94d
- SSDEEP
  
  3072:i/FbrEzD9N+RiMB00c9/74DXE+JgaV7IPx+e6O/pPtaL02:gbrE1kvcB74DXZ2MelZ2
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader