dridex | df52a446e29de43f0898efb12fd1d35fcd9c19614f0b96590f4d4601bf53c522 | Triage

Sharing

General

Target

JaffaCakes118_df52a446e29de43f0898efb12fd1d35fcd9c19614f0b96590f4d4601bf53c522
Size

160KB
Sample

241230-2rgt8ssmfn
MD5

dd78990a5d85303183e5ba92759de003
SHA1

617e784dc9895222ac7549a8312b554472f50033
SHA256

df52a446e29de43f0898efb12fd1d35fcd9c19614f0b96590f4d4601bf53c522
SHA512

13ab9ff7d4d5031e541bc2c5b1799dfb4defc8fa695460943636cda8faf76e5884782e855ac1a55891d3c65cad437abacd317ceaf315eba7056c17f00e2f6281
SSDEEP

3072:3M5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8ZH6:852j4pk5zMbVO6/HUIXU8KgMyZ

Score

10^/10

dridex 40111 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_df52a446e29de43f0898efb12fd1d35fcd9c19614f0b96590f4d4601bf53c522
- Size
  
  160KB
- MD5
  
  dd78990a5d85303183e5ba92759de003
- SHA1
  
  617e784dc9895222ac7549a8312b554472f50033
- SHA256
  
  df52a446e29de43f0898efb12fd1d35fcd9c19614f0b96590f4d4601bf53c522
- SHA512
  
  13ab9ff7d4d5031e541bc2c5b1799dfb4defc8fa695460943636cda8faf76e5884782e855ac1a55891d3c65cad437abacd317ceaf315eba7056c17f00e2f6281
- SSDEEP
  
  3072:3M5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8ZH6:852j4pk5zMbVO6/HUIXU8KgMyZ
Score

10^/10

dridex 40111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetdiscoveryloader

behavioral2

dridex40111botnetdiscoveryloader