dridex | 091087ffa89ee40fabb47007bac30f1cf2b96d065e2da7c27d4727b20b3f1c49 | Triage

Sharing

General

Target

JaffaCakes118_091087ffa89ee40fabb47007bac30f1cf2b96d065e2da7c27d4727b20b3f1c49
Size

184KB
Sample

241224-mj7ncsvmf1
MD5

2557a18365a9c327ac74fb21fc084fb7
SHA1

0beb531ba931ff79f6e4338d2d89992ef993795f
SHA256

091087ffa89ee40fabb47007bac30f1cf2b96d065e2da7c27d4727b20b3f1c49
SHA512

ca846692482d5988a7a34f631d690cac049c1c40a5d1b4c8b3aac4858f375427a2da11e7be2705cbe099483e326aa8a45d11be2d28346a2bc8b6dda83c3586b8
SSDEEP

3072:5iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao5lzoxss7:5iLVCIT4WK2z1W+CUHZj4Skq/eaonoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_091087ffa89ee40fabb47007bac30f1cf2b96d065e2da7c27d4727b20b3f1c49
- Size
  
  184KB
- MD5
  
  2557a18365a9c327ac74fb21fc084fb7
- SHA1
  
  0beb531ba931ff79f6e4338d2d89992ef993795f
- SHA256
  
  091087ffa89ee40fabb47007bac30f1cf2b96d065e2da7c27d4727b20b3f1c49
- SHA512
  
  ca846692482d5988a7a34f631d690cac049c1c40a5d1b4c8b3aac4858f375427a2da11e7be2705cbe099483e326aa8a45d11be2d28346a2bc8b6dda83c3586b8
- SSDEEP
  
  3072:5iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao5lzoxss7:5iLVCIT4WK2z1W+CUHZj4Skq/eaonoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader