dridex | 05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a | Triage

Sharing

General

Target

JaffaCakes118_05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a
Size

184KB
Sample

241226-xkk6vsvmbw
MD5

30884ce982a72e5a89f247ea21982d24
SHA1

526dd40bbd3b559d4decf593ebfa8222243baeac
SHA256

05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a
SHA512

9a7d915bd10db43a2189f66e5fc9d2664a8db698033b2df9dc30054b955ad251584776af5df8df822b87aadde4e8946934d96979aa83d3d0e87c2995538d7cd3
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoylzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao4oC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a
- Size
  
  184KB
- MD5
  
  30884ce982a72e5a89f247ea21982d24
- SHA1
  
  526dd40bbd3b559d4decf593ebfa8222243baeac
- SHA256
  
  05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a
- SHA512
  
  9a7d915bd10db43a2189f66e5fc9d2664a8db698033b2df9dc30054b955ad251584776af5df8df822b87aadde4e8946934d96979aa83d3d0e87c2995538d7cd3
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoylzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao4oC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader