dridex | 8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...ba.dll

windows7-x64

JaffaCakes...ba.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba
Size

161KB
Sample

241228-162yaasre1
MD5

bb8565aab4c91f8ff70e5d20c2135fc0
SHA1

c07fac0f74a6afcf605a477f5f392bf1e1f611e8
SHA256

8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba
SHA512

2ca59112fa20d3c325ad02c14cd2001f809001e968222ad6edf793feb7775d7f2efa5c799dfa848e6a1b027a5ee87011e2b3415a0907858f4541e2ce8074eb68
SSDEEP

3072:XaSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:qnS62Fl+pkeJl3CvRStrFl+EYE

Score

10^/10

dridex 22202 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba.dll

Resource

win7-20240903-en

dridex 22202 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba.dll

Resource

win10v2004-20241007-en

dridex 22202 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba
- Size
  
  161KB
- MD5
  
  bb8565aab4c91f8ff70e5d20c2135fc0
- SHA1
  
  c07fac0f74a6afcf605a477f5f392bf1e1f611e8
- SHA256
  
  8092a0b69a850dd880f89e16cfea50cbfb1c47a7aea411096f08a06d2c1fd8ba
- SHA512
  
  2ca59112fa20d3c325ad02c14cd2001f809001e968222ad6edf793feb7775d7f2efa5c799dfa848e6a1b027a5ee87011e2b3415a0907858f4541e2ce8074eb68
- SSDEEP
  
  3072:XaSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:qnS62Fl+pkeJl3CvRStrFl+EYE
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader

© 2018-2024

Terms | Privacy