dridex | c6c0f35bccb47b28b6913542371a12d0f43880bdc16f86d2e187ccedc68d8c17 | Triage

Sharing

General

Target

JaffaCakes118_c6c0f35bccb47b28b6913542371a12d0f43880bdc16f86d2e187ccedc68d8c17
Size

184KB
Sample

241225-hkdz8a1jbl
MD5

bed709d788c03558a3b27b1db9c34398
SHA1

042d21dd50cb658e2c2853e83dea8efd8d753704
SHA256

c6c0f35bccb47b28b6913542371a12d0f43880bdc16f86d2e187ccedc68d8c17
SHA512

4023597d469a3a77a73602abcaa42927f9861e6f6007ed75c94162d487435cbf88ec4e7a46f1724bc5962310095f659db827bac2cb88b041c98b744e1c04b8c3
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoXlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoloC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_c6c0f35bccb47b28b6913542371a12d0f43880bdc16f86d2e187ccedc68d8c17
- Size
  
  184KB
- MD5
  
  bed709d788c03558a3b27b1db9c34398
- SHA1
  
  042d21dd50cb658e2c2853e83dea8efd8d753704
- SHA256
  
  c6c0f35bccb47b28b6913542371a12d0f43880bdc16f86d2e187ccedc68d8c17
- SHA512
  
  4023597d469a3a77a73602abcaa42927f9861e6f6007ed75c94162d487435cbf88ec4e7a46f1724bc5962310095f659db827bac2cb88b041c98b744e1c04b8c3
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoXlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoloC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader