dridex | f79ef92b9021c10017fa6b8e839edd74f1661de93d74625cb027d4c6648ca36d | Triage

Sharing

General

Target

JaffaCakes118_f79ef92b9021c10017fa6b8e839edd74f1661de93d74625cb027d4c6648ca36d
Size

184KB
Sample

241225-geaj6szkbl
MD5

00651fe1659fc81c9800dced8e6e0c76
SHA1

ab5b866b9161eb161ade0131a39c26c861a4af56
SHA256

f79ef92b9021c10017fa6b8e839edd74f1661de93d74625cb027d4c6648ca36d
SHA512

9cf10c80a7594b2366b5e5878ca40e9fc375909d69a7bd6670b301e9ea85e16f9cbbcef278a4b81204cce97f69555279399e51b8f3af1a07805df73f7759c83b
SSDEEP

3072:ciLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoPlzoxss7:ciLVCIT4WK2z1W+CUHZj4Skq/eaoNoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_f79ef92b9021c10017fa6b8e839edd74f1661de93d74625cb027d4c6648ca36d
- Size
  
  184KB
- MD5
  
  00651fe1659fc81c9800dced8e6e0c76
- SHA1
  
  ab5b866b9161eb161ade0131a39c26c861a4af56
- SHA256
  
  f79ef92b9021c10017fa6b8e839edd74f1661de93d74625cb027d4c6648ca36d
- SHA512
  
  9cf10c80a7594b2366b5e5878ca40e9fc375909d69a7bd6670b301e9ea85e16f9cbbcef278a4b81204cce97f69555279399e51b8f3af1a07805df73f7759c83b
- SSDEEP
  
  3072:ciLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoPlzoxss7:ciLVCIT4WK2z1W+CUHZj4Skq/eaoNoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader