dridex | 240da769a8417f790f42eb82300507744db7de49ba48235fa6d4dc502fa6a32d | Triage

Sharing

General

Target

JaffaCakes118_240da769a8417f790f42eb82300507744db7de49ba48235fa6d4dc502fa6a32d
Size

184KB
Sample

241228-22wfdavjes
MD5

f76c3fbcd952eb25d6b805dc9417b4a2
SHA1

0e584b6e15a3b4cde43b40b1ba3db2d310d3f623
SHA256

240da769a8417f790f42eb82300507744db7de49ba48235fa6d4dc502fa6a32d
SHA512

6c3f2a6d2a2f7272fe85a392d1219b57e1dd0251c3bd647176fc4f85dfb616fa46d5731136a7b4eb5dfdde2a22dbf66db91303b96d6b264bf1e36c8e3094751e
SSDEEP

3072:/iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaorlzoxss7:/iLVCIT4WK2z1W+CUHZj4Skq/eaoRoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_240da769a8417f790f42eb82300507744db7de49ba48235fa6d4dc502fa6a32d
- Size
  
  184KB
- MD5
  
  f76c3fbcd952eb25d6b805dc9417b4a2
- SHA1
  
  0e584b6e15a3b4cde43b40b1ba3db2d310d3f623
- SHA256
  
  240da769a8417f790f42eb82300507744db7de49ba48235fa6d4dc502fa6a32d
- SHA512
  
  6c3f2a6d2a2f7272fe85a392d1219b57e1dd0251c3bd647176fc4f85dfb616fa46d5731136a7b4eb5dfdde2a22dbf66db91303b96d6b264bf1e36c8e3094751e
- SSDEEP
  
  3072:/iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaorlzoxss7:/iLVCIT4WK2z1W+CUHZj4Skq/eaoRoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader