dridex | 6ab9ac35764fd66e38c77db747ced62898a255b47e3899856f06347ad274260a | Triage

Sharing

General

Target

JaffaCakes118_6ab9ac35764fd66e38c77db747ced62898a255b47e3899856f06347ad274260a
Size

184KB
Sample

241225-gwlc1aznbm
MD5

9e2d5549dde684c101d16cff8bdf582e
SHA1

525a7423c22dbdae7b245ea1587bdd02bf63af4f
SHA256

6ab9ac35764fd66e38c77db747ced62898a255b47e3899856f06347ad274260a
SHA512

e7472423ed17173136037759d78032483214bae0c71daccec0be15b75beccc5f3bd7d9d6c75ce783f073b6a010e2284821e5d76a75ec84a3f04f9421ec5940bd
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoclzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoioC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_6ab9ac35764fd66e38c77db747ced62898a255b47e3899856f06347ad274260a
- Size
  
  184KB
- MD5
  
  9e2d5549dde684c101d16cff8bdf582e
- SHA1
  
  525a7423c22dbdae7b245ea1587bdd02bf63af4f
- SHA256
  
  6ab9ac35764fd66e38c77db747ced62898a255b47e3899856f06347ad274260a
- SHA512
  
  e7472423ed17173136037759d78032483214bae0c71daccec0be15b75beccc5f3bd7d9d6c75ce783f073b6a010e2284821e5d76a75ec84a3f04f9421ec5940bd
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoclzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoioC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader