dridex | 0e6b69eeec038c7f518a2559f852fa7b49debf0acf5b1aac907faf0e00af0cc4 | Triage

Sharing

General

Target

JaffaCakes118_0e6b69eeec038c7f518a2559f852fa7b49debf0acf5b1aac907faf0e00af0cc4
Size

164KB
Sample

241224-v1zcbasqax
MD5

d9f8af20024b755e11ae5366d0c15edd
SHA1

283f18c8fed4841610463eb02f2d20843f637cb6
SHA256

0e6b69eeec038c7f518a2559f852fa7b49debf0acf5b1aac907faf0e00af0cc4
SHA512

f72775cc28861093e2eae5dd37e3f2db8588bc7e4f0bbe3e3c72f06439f3597bb6480ffee7879c7657fc825d71b0e0e30e20eb3e60bef55053a53dc1c5a67de0
SSDEEP

3072:cBefihU8fQ2Sob/xg+eNV1A1I3aiI8i3GdVAzuECtNjP3/3ioP7y11a0E:cBefiv/12+2A1AIpFzxCtNjHSoPm11J

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

45.123.40.54:443

82.209.17.209:8172

180.250.21.2:13721

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_0e6b69eeec038c7f518a2559f852fa7b49debf0acf5b1aac907faf0e00af0cc4
- Size
  
  164KB
- MD5
  
  d9f8af20024b755e11ae5366d0c15edd
- SHA1
  
  283f18c8fed4841610463eb02f2d20843f637cb6
- SHA256
  
  0e6b69eeec038c7f518a2559f852fa7b49debf0acf5b1aac907faf0e00af0cc4
- SHA512
  
  f72775cc28861093e2eae5dd37e3f2db8588bc7e4f0bbe3e3c72f06439f3597bb6480ffee7879c7657fc825d71b0e0e30e20eb3e60bef55053a53dc1c5a67de0
- SSDEEP
  
  3072:cBefihU8fQ2Sob/xg+eNV1A1I3aiI8i3GdVAzuECtNjP3/3ioP7y11a0E:cBefiv/12+2A1AIpFzxCtNjHSoPm11J
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader