dridex | 5a0d6025206267d73f743a31de585cd9ffe11e325b502b4257e281c45d895578 | Triage

Sharing

General

Target

JaffaCakes118_5a0d6025206267d73f743a31de585cd9ffe11e325b502b4257e281c45d895578
Size

184KB
Sample

241229-j7ka7axlcj
MD5

88e5db861eba658aa8f99fb128836fda
SHA1

f409ac0950cc94c1b6c853980d1e4ca72d6b74e5
SHA256

5a0d6025206267d73f743a31de585cd9ffe11e325b502b4257e281c45d895578
SHA512

c4772d015d45ea3078498cff7f0fab89977991d322065a58ef5de138e126cecdc0dd0f81f6cc90e972a2bb87441352478aa0e343b2fd33493ee2fb103cc3b5d4
SSDEEP

3072:fiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:fiLVCIT4WK2z1W+CUHZj4Skq/eaoYoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5a0d6025206267d73f743a31de585cd9ffe11e325b502b4257e281c45d895578
- Size
  
  184KB
- MD5
  
  88e5db861eba658aa8f99fb128836fda
- SHA1
  
  f409ac0950cc94c1b6c853980d1e4ca72d6b74e5
- SHA256
  
  5a0d6025206267d73f743a31de585cd9ffe11e325b502b4257e281c45d895578
- SHA512
  
  c4772d015d45ea3078498cff7f0fab89977991d322065a58ef5de138e126cecdc0dd0f81f6cc90e972a2bb87441352478aa0e343b2fd33493ee2fb103cc3b5d4
- SSDEEP
  
  3072:fiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:fiLVCIT4WK2z1W+CUHZj4Skq/eaoYoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader