dridex | 8905e55eb84dc31ce8b11cffd7933b6cffc2c3919962f6dfee4f54f8d8633839 | Triage

Sharing

General

Target

JaffaCakes118_8905e55eb84dc31ce8b11cffd7933b6cffc2c3919962f6dfee4f54f8d8633839
Size

184KB
Sample

241225-d19dvawqek
MD5

eb783473d4d4cab53f5d9fa571b898e4
SHA1

fafd05024a6c3141aae54026c534910d58c8462e
SHA256

8905e55eb84dc31ce8b11cffd7933b6cffc2c3919962f6dfee4f54f8d8633839
SHA512

1535b11daf25e4bdd8840982147e1af0bb469fc3c32ab579d54009ce99dd1d80bbbde7a8a9e35f9f8716f6864775bcb4ac9718febd4f72f914801d21e9259b68
SSDEEP

3072:NiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoAlzoxss7:NiLVCIT4WK2z1W+CUHZj4Skq/eao+oC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_8905e55eb84dc31ce8b11cffd7933b6cffc2c3919962f6dfee4f54f8d8633839
- Size
  
  184KB
- MD5
  
  eb783473d4d4cab53f5d9fa571b898e4
- SHA1
  
  fafd05024a6c3141aae54026c534910d58c8462e
- SHA256
  
  8905e55eb84dc31ce8b11cffd7933b6cffc2c3919962f6dfee4f54f8d8633839
- SHA512
  
  1535b11daf25e4bdd8840982147e1af0bb469fc3c32ab579d54009ce99dd1d80bbbde7a8a9e35f9f8716f6864775bcb4ac9718febd4f72f914801d21e9259b68
- SSDEEP
  
  3072:NiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoAlzoxss7:NiLVCIT4WK2z1W+CUHZj4Skq/eao+oC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader