dridex | 444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83 | Triage

Sharing

General

Target

JaffaCakes118_444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83
Size

184KB
Sample

241225-x27q7atrbr
MD5

b2ebc395a47cf51063f1db9311de2d40
SHA1

531dd41a117a89c715baed472bab7b612a7fb780
SHA256

444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83
SHA512

e27d1e5d3deb1fda6456d2931620a69bcccfb8d58b665f9fb627faa3b814bfab9a9616918bb4781d44e088672892ad251c6db70bb718f631fefb6909e65e9135
SSDEEP

3072:ciLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao6lzoxss7:ciLVCIT4WK2z1W+CUHZj4Skq/eaoQoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83
- Size
  
  184KB
- MD5
  
  b2ebc395a47cf51063f1db9311de2d40
- SHA1
  
  531dd41a117a89c715baed472bab7b612a7fb780
- SHA256
  
  444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83
- SHA512
  
  e27d1e5d3deb1fda6456d2931620a69bcccfb8d58b665f9fb627faa3b814bfab9a9616918bb4781d44e088672892ad251c6db70bb718f631fefb6909e65e9135
- SSDEEP
  
  3072:ciLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao6lzoxss7:ciLVCIT4WK2z1W+CUHZj4Skq/eaoQoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader