dridex | d8d5ff27c78048c78f909bd0767c403546102c472075da1ff0c962799ec41072 | Triage

Sharing

General

Target

JaffaCakes118_d8d5ff27c78048c78f909bd0767c403546102c472075da1ff0c962799ec41072
Size

184KB
Sample

241230-adq27s1mgx
MD5

f5359a1cfa161f343dd3c42a8c13abff
SHA1

5671d98db37a0aa7d63ef43bd230a40371930374
SHA256

d8d5ff27c78048c78f909bd0767c403546102c472075da1ff0c962799ec41072
SHA512

a55141949902e6155efb2b152e702232ac320f1cb15f3c502f10f0219dc7dfb8dbdf550451990616beadaeedc0af33c94512084b66b101931cd991a1171195d0
SSDEEP

3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoklzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaoaoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_d8d5ff27c78048c78f909bd0767c403546102c472075da1ff0c962799ec41072
- Size
  
  184KB
- MD5
  
  f5359a1cfa161f343dd3c42a8c13abff
- SHA1
  
  5671d98db37a0aa7d63ef43bd230a40371930374
- SHA256
  
  d8d5ff27c78048c78f909bd0767c403546102c472075da1ff0c962799ec41072
- SHA512
  
  a55141949902e6155efb2b152e702232ac320f1cb15f3c502f10f0219dc7dfb8dbdf550451990616beadaeedc0af33c94512084b66b101931cd991a1171195d0
- SSDEEP
  
  3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoklzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaoaoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader