dridex | fe051686c6cd43bbbce7bcffac3c54b32d7d89f5c9ce6cd600904d1e60d1bd75 | Triage

Sharing

General

Target

JaffaCakes118_fe051686c6cd43bbbce7bcffac3c54b32d7d89f5c9ce6cd600904d1e60d1bd75
Size

184KB
Sample

241225-bryjwatjb1
MD5

483c680325af0a220f6e1eb90d341892
SHA1

55da77b48d238f49e993592dd533e9ab9c761bda
SHA256

fe051686c6cd43bbbce7bcffac3c54b32d7d89f5c9ce6cd600904d1e60d1bd75
SHA512

a216f41ef76e77549424ea30e375644cef35fc1f5e1841f277ba9c8ceb333ca1c8c50791e1327b020834c7faedd7f18c3a13068ab25cd186455a91686c81e650
SSDEEP

3072:FiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoLlzoxss7:FiLVCIT4WK2z1W+CUHZj4Skq/eaoxoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_fe051686c6cd43bbbce7bcffac3c54b32d7d89f5c9ce6cd600904d1e60d1bd75
- Size
  
  184KB
- MD5
  
  483c680325af0a220f6e1eb90d341892
- SHA1
  
  55da77b48d238f49e993592dd533e9ab9c761bda
- SHA256
  
  fe051686c6cd43bbbce7bcffac3c54b32d7d89f5c9ce6cd600904d1e60d1bd75
- SHA512
  
  a216f41ef76e77549424ea30e375644cef35fc1f5e1841f277ba9c8ceb333ca1c8c50791e1327b020834c7faedd7f18c3a13068ab25cd186455a91686c81e650
- SSDEEP
  
  3072:FiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoLlzoxss7:FiLVCIT4WK2z1W+CUHZj4Skq/eaoxoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader