dridex | 16c52f13166bbe63b6262a168e617462557a32ced511f09f641d7ebeda654dab | Triage

Sharing

General

Target

JaffaCakes118_16c52f13166bbe63b6262a168e617462557a32ced511f09f641d7ebeda654dab
Size

184KB
Sample

241230-1b7kaazkcj
MD5

c1009ee3dc68d79e158e748c8a729f8a
SHA1

9d2b96e5ca5e7b49bd2c302ee0f4fc3cd8c00218
SHA256

16c52f13166bbe63b6262a168e617462557a32ced511f09f641d7ebeda654dab
SHA512

78b8919ea6210664e1544132590ee75c38144b1d86cd8a5a384c4b1d62c1a8dc46043290ac17f266944d9ea39ae59edc234e4123505e04e205b4035c02e59b40
SSDEEP

3072:kW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngmVWx9ixCH0u:38qh+66QsRdNiBW/06ngmVWexC

Score

10^/10

dridex 22203 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_16c52f13166bbe63b6262a168e617462557a32ced511f09f641d7ebeda654dab
- Size
  
  184KB
- MD5
  
  c1009ee3dc68d79e158e748c8a729f8a
- SHA1
  
  9d2b96e5ca5e7b49bd2c302ee0f4fc3cd8c00218
- SHA256
  
  16c52f13166bbe63b6262a168e617462557a32ced511f09f641d7ebeda654dab
- SHA512
  
  78b8919ea6210664e1544132590ee75c38144b1d86cd8a5a384c4b1d62c1a8dc46043290ac17f266944d9ea39ae59edc234e4123505e04e205b4035c02e59b40
- SSDEEP
  
  3072:kW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngmVWx9ixCH0u:38qh+66QsRdNiBW/06ngmVWexC
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader