dridex | 1089597163698d7ccb79005be4acaa858973b8942b53619cad9f7ed41e9715cf | Triage

Sharing

General

Target

JaffaCakes118_1089597163698d7ccb79005be4acaa858973b8942b53619cad9f7ed41e9715cf
Size

188KB
Sample

241224-nh5ytawmax
MD5

54625fb4888db810b2c62eb44e43b3a2
SHA1

9d6de3083f3b0b66d3597b98c8c3642bcf3bb6c4
SHA256

1089597163698d7ccb79005be4acaa858973b8942b53619cad9f7ed41e9715cf
SHA512

cb37d36fdd03619d252ad4abe47d13778581eccfea2f3402d800c229561c34b4da75346738d43e221d9b1b46a46e8f68d605bfa2665974a9aaf1f4a1d7cb7e57
SSDEEP

3072:bA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:bzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_1089597163698d7ccb79005be4acaa858973b8942b53619cad9f7ed41e9715cf
- Size
  
  188KB
- MD5
  
  54625fb4888db810b2c62eb44e43b3a2
- SHA1
  
  9d6de3083f3b0b66d3597b98c8c3642bcf3bb6c4
- SHA256
  
  1089597163698d7ccb79005be4acaa858973b8942b53619cad9f7ed41e9715cf
- SHA512
  
  cb37d36fdd03619d252ad4abe47d13778581eccfea2f3402d800c229561c34b4da75346738d43e221d9b1b46a46e8f68d605bfa2665974a9aaf1f4a1d7cb7e57
- SSDEEP
  
  3072:bA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:bzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader