dridex | e52fcbb9f175545493b2f15443e02f817f37c492741d88232742f6f7dd08427b | Triage

Sharing

General

Target

JaffaCakes118_e52fcbb9f175545493b2f15443e02f817f37c492741d88232742f6f7dd08427b
Size

177KB
Sample

241224-ng2vrswlgs
MD5

a860ea2690d4092b6aacf63c8d032837
SHA1

377a625de41e20cdce4bfb2292c8ca6f56bc95ab
SHA256

e52fcbb9f175545493b2f15443e02f817f37c492741d88232742f6f7dd08427b
SHA512

8117c1196cf5b423dd941419a26e61f26e13e7e724b3ac50ac930fb880b83b4e7e1ce173e6f1275de7ee6887aaf600832d29c21eb48fe5ca0b4a96c976f20aea
SSDEEP

3072:4oNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SlrKI6bl/g:7aIzLgKrjbvUAjERycp6c8qgATA2TQUK

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.79.91.89:9987

157.245.231.228:6051

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_e52fcbb9f175545493b2f15443e02f817f37c492741d88232742f6f7dd08427b
- Size
  
  177KB
- MD5
  
  a860ea2690d4092b6aacf63c8d032837
- SHA1
  
  377a625de41e20cdce4bfb2292c8ca6f56bc95ab
- SHA256
  
  e52fcbb9f175545493b2f15443e02f817f37c492741d88232742f6f7dd08427b
- SHA512
  
  8117c1196cf5b423dd941419a26e61f26e13e7e724b3ac50ac930fb880b83b4e7e1ce173e6f1275de7ee6887aaf600832d29c21eb48fe5ca0b4a96c976f20aea
- SSDEEP
  
  3072:4oNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SlrKI6bl/g:7aIzLgKrjbvUAjERycp6c8qgATA2TQUK
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader