dridex | 5fca53b60d8493d39c7fa75b9dfc2f376e6aebc9e0f79901503fbc1396da3344 | Triage

Sharing

General

Target

JaffaCakes118_5fca53b60d8493d39c7fa75b9dfc2f376e6aebc9e0f79901503fbc1396da3344
Size

184KB
Sample

241225-p4hk3stldn
MD5

5d62da3946f690f00dad10b8b225c6b6
SHA1

d76537b1f0c7e337712fc52fcc9a8a9b27cd4cf2
SHA256

5fca53b60d8493d39c7fa75b9dfc2f376e6aebc9e0f79901503fbc1396da3344
SHA512

2e9802e0c5763cd77d3fc7d416e4c08b176850ef4b215737fa645892f7da6e075870d7457f3723c8a55b8e3e49296ef13bed07fbfca56fd7ae2a80c28f5df55d
SSDEEP

3072:yiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoFlzoxss7:yiLVCIT4WK2z1W+CUHZj4Skq/eaoLoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5fca53b60d8493d39c7fa75b9dfc2f376e6aebc9e0f79901503fbc1396da3344
- Size
  
  184KB
- MD5
  
  5d62da3946f690f00dad10b8b225c6b6
- SHA1
  
  d76537b1f0c7e337712fc52fcc9a8a9b27cd4cf2
- SHA256
  
  5fca53b60d8493d39c7fa75b9dfc2f376e6aebc9e0f79901503fbc1396da3344
- SHA512
  
  2e9802e0c5763cd77d3fc7d416e4c08b176850ef4b215737fa645892f7da6e075870d7457f3723c8a55b8e3e49296ef13bed07fbfca56fd7ae2a80c28f5df55d
- SSDEEP
  
  3072:yiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoFlzoxss7:yiLVCIT4WK2z1W+CUHZj4Skq/eaoLoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader