dridex | e8f064648753a404c08972fecc603e0ee9fd074df53c7419c193c431100213ed | Triage

Sharing

General

Target

JaffaCakes118_e8f064648753a404c08972fecc603e0ee9fd074df53c7419c193c431100213ed
Size

188KB
Sample

241230-3cp3qstlfm
MD5

091c39b2ab73116d8028f7766f6c8355
SHA1

d9a6e27c18c7538ca03f19771166fe766398067c
SHA256

e8f064648753a404c08972fecc603e0ee9fd074df53c7419c193c431100213ed
SHA512

7ab55c14936702e00f702ca0fdbe1e1154859994cdd70fd5c92cb3c9c896a2ff7137d62f1f71d9cc02c4cdf922c05496774e621cc525f1f7280e023fb899e52e
SSDEEP

3072:NA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoAo:NzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_e8f064648753a404c08972fecc603e0ee9fd074df53c7419c193c431100213ed
- Size
  
  188KB
- MD5
  
  091c39b2ab73116d8028f7766f6c8355
- SHA1
  
  d9a6e27c18c7538ca03f19771166fe766398067c
- SHA256
  
  e8f064648753a404c08972fecc603e0ee9fd074df53c7419c193c431100213ed
- SHA512
  
  7ab55c14936702e00f702ca0fdbe1e1154859994cdd70fd5c92cb3c9c896a2ff7137d62f1f71d9cc02c4cdf922c05496774e621cc525f1f7280e023fb899e52e
- SSDEEP
  
  3072:NA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoAo:NzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader