dridex | 5a80f6b73d02d7d772830940939db7bcaf08cae6b2e7ad4476a5c639595e78d9 | Triage

Sharing

General

Target

JaffaCakes118_5a80f6b73d02d7d772830940939db7bcaf08cae6b2e7ad4476a5c639595e78d9
Size

184KB
Sample

241226-2zlhdstrfm
MD5

fdf0a93f36c707a7f5327aafa9c5d460
SHA1

8705bc87ba106b591804a937403baa68df5189d8
SHA256

5a80f6b73d02d7d772830940939db7bcaf08cae6b2e7ad4476a5c639595e78d9
SHA512

5da176c9572379d4c1b8394c117736d400c676cab1081fdebe12db9ea84e33aff9d81f2553e975b73d9a06617dc7b84b72213cd001988250176873ad8d179f7c
SSDEEP

3072:riLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:riLVCIT4WK2z1W+CUHZj4Skq/eaoPoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5a80f6b73d02d7d772830940939db7bcaf08cae6b2e7ad4476a5c639595e78d9
- Size
  
  184KB
- MD5
  
  fdf0a93f36c707a7f5327aafa9c5d460
- SHA1
  
  8705bc87ba106b591804a937403baa68df5189d8
- SHA256
  
  5a80f6b73d02d7d772830940939db7bcaf08cae6b2e7ad4476a5c639595e78d9
- SHA512
  
  5da176c9572379d4c1b8394c117736d400c676cab1081fdebe12db9ea84e33aff9d81f2553e975b73d9a06617dc7b84b72213cd001988250176873ad8d179f7c
- SSDEEP
  
  3072:riLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:riLVCIT4WK2z1W+CUHZj4Skq/eaoPoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader