dridex | 0a3fb385f7907c9b178cda1591870839a65690a00e2c08570f6726adfa2bd4ed | Triage

Sharing

General

Target

JaffaCakes118_0a3fb385f7907c9b178cda1591870839a65690a00e2c08570f6726adfa2bd4ed
Size

184KB
Sample

241224-wzg73stlbz
MD5

3976d0861c68ec40618d260612a970e1
SHA1

c82884ecd7252d9a6e605850567acd52c23324be
SHA256

0a3fb385f7907c9b178cda1591870839a65690a00e2c08570f6726adfa2bd4ed
SHA512

3f0cc04dcd5e83d10f5064d2dfe1eae4e58cb507ad8763f13573ca74a1ba58b04cc1738ce4b753b21b92f3ce7f042244f7899e6274e306d37c95fde1872b2461
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoElzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao6oC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_0a3fb385f7907c9b178cda1591870839a65690a00e2c08570f6726adfa2bd4ed
- Size
  
  184KB
- MD5
  
  3976d0861c68ec40618d260612a970e1
- SHA1
  
  c82884ecd7252d9a6e605850567acd52c23324be
- SHA256
  
  0a3fb385f7907c9b178cda1591870839a65690a00e2c08570f6726adfa2bd4ed
- SHA512
  
  3f0cc04dcd5e83d10f5064d2dfe1eae4e58cb507ad8763f13573ca74a1ba58b04cc1738ce4b753b21b92f3ce7f042244f7899e6274e306d37c95fde1872b2461
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoElzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao6oC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader