General

  • Target

    JaffaCakes118_51911418cae59b97f116386b204bc6b547c68ca36f699030c51dbb5d14299c4c

  • Size

    176KB

  • Sample

    241230-2jby1svlgz

  • MD5

    e3f99e3650198baca56c9b2bd0b8f619

  • SHA1

    c3a33ee77e01e8ea1b7a80d8d32fceaee3c1180e

  • SHA256

    51911418cae59b97f116386b204bc6b547c68ca36f699030c51dbb5d14299c4c

  • SHA512

    daf1aa9d6c124c9de9168bf27c849e28bb159ec152e14f4642afb28d066dec3c44b613e39d1c5f68eb898608464a555bf149b3e7dbdd0c1fceff603e4c9fdfbc

  • SSDEEP

    3072:bZFNbt1lsPDfCHrO+Am8porp+4DsXXM0z55yCHj+svuQUXlpmhPZge:bZTlsPD2fABporlE80znyCH6svaVgPz

Malware Config

Extracted

Family

dridex

Botnet

22206

C2

120.50.40.185:443

139.59.14.223:8172

121.40.104.209:6602

139.162.113.169:593

rc4.plain

Targets

    • Target

      529a5bd3d20b261adf861d16181308f6ba1c78954a06ac81c03a14ca91b927dd

    • Size

      468KB

    • MD5

      03899e6968b2d279f562f0d7de487146

    • SHA1

      a2deacb9d5f251d29d1978fb62f087898c33cfac

    • SHA256

      529a5bd3d20b261adf861d16181308f6ba1c78954a06ac81c03a14ca91b927dd

    • SHA512

      fed3faf810eb27f9a0c82fc32a850c7626a14d1d35ae13ce063ffe9bf54087ab594cf0a1f176e5def580c77bce047f55e15c08019fb029292fac3be9901885c6

    • SSDEEP

      6144:b0610FnNqVnt0Rt1CVlp0R5aMSw8EekUXnAwd37izAQqK/o2B6LjiReYiLNEU:o6MSw8EekuB37izvjI/qU

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks