dridex | 3e8c63667d141c0b15ad669301cbc23644e94c7e9a54570ae4a4305c633fb30a | Triage

Sharing

General

Target

JaffaCakes118_3e8c63667d141c0b15ad669301cbc23644e94c7e9a54570ae4a4305c633fb30a
Size

177KB
Sample

241230-3ngkqsxkas
MD5

1af8b6f90ead4648360633c8106cf837
SHA1

fa3e418aebf001728dec2b3cfe96faa823ece28f
SHA256

3e8c63667d141c0b15ad669301cbc23644e94c7e9a54570ae4a4305c633fb30a
SHA512

62bdb5f38974f4fae5a1c470315cc78833ccd78da4a9f68b7d0e7a3fbafb6d73d710f54b8d904d38270746c3d9f16c9596a0c13d47b5ce058f437dd69518d5b5
SSDEEP

3072:joNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SlrKI6bl/g:saIzLgKrjbvUAjERycp6c8qgATA2TQUa

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.79.91.89:9987

157.245.231.228:6051

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_3e8c63667d141c0b15ad669301cbc23644e94c7e9a54570ae4a4305c633fb30a
- Size
  
  177KB
- MD5
  
  1af8b6f90ead4648360633c8106cf837
- SHA1
  
  fa3e418aebf001728dec2b3cfe96faa823ece28f
- SHA256
  
  3e8c63667d141c0b15ad669301cbc23644e94c7e9a54570ae4a4305c633fb30a
- SHA512
  
  62bdb5f38974f4fae5a1c470315cc78833ccd78da4a9f68b7d0e7a3fbafb6d73d710f54b8d904d38270746c3d9f16c9596a0c13d47b5ce058f437dd69518d5b5
- SSDEEP
  
  3072:joNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SlrKI6bl/g:saIzLgKrjbvUAjERycp6c8qgATA2TQUa
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader