dridex | a3425430e21d07459c9d1a53fd72700e824a6c1be78b4d08b9a9ca43309d03db | Triage

Sharing

General

Target

JaffaCakes118_a3425430e21d07459c9d1a53fd72700e824a6c1be78b4d08b9a9ca43309d03db
Size

166KB
Sample

241225-wwsjmsskcn
MD5

94ca338378cb676792d5e1e006fc5be8
SHA1

133adecd538fbfe9f4ffc68455b49c4c04c75171
SHA256

a3425430e21d07459c9d1a53fd72700e824a6c1be78b4d08b9a9ca43309d03db
SHA512

1c2aa6af6bcb5b736854038040d27cc19157335bb3a3ee9c8e6129cd9cc1f332e7868083517a997da151fd833af996523ded394b3d146359144d80ac44dc90c7
SSDEEP

3072:9uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:90czbty9uiaJlHE

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_a3425430e21d07459c9d1a53fd72700e824a6c1be78b4d08b9a9ca43309d03db
- Size
  
  166KB
- MD5
  
  94ca338378cb676792d5e1e006fc5be8
- SHA1
  
  133adecd538fbfe9f4ffc68455b49c4c04c75171
- SHA256
  
  a3425430e21d07459c9d1a53fd72700e824a6c1be78b4d08b9a9ca43309d03db
- SHA512
  
  1c2aa6af6bcb5b736854038040d27cc19157335bb3a3ee9c8e6129cd9cc1f332e7868083517a997da151fd833af996523ded394b3d146359144d80ac44dc90c7
- SSDEEP
  
  3072:9uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:90czbty9uiaJlHE
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader