dridex | 67f276d91a83c99ea02ff2bd460a0345238ef5f7676c85d764933a2f7a1e5919 | Triage

Sharing

General

Target

JaffaCakes118_67f276d91a83c99ea02ff2bd460a0345238ef5f7676c85d764933a2f7a1e5919
Size

184KB
Sample

241230-adwbxs1mgy
MD5

28049a5de77c1c45e5c3ddb793772787
SHA1

f7872e10933e05994c21a656fd288e24941e8b7b
SHA256

67f276d91a83c99ea02ff2bd460a0345238ef5f7676c85d764933a2f7a1e5919
SHA512

35fdda444140730bf8564874c9f1b283dc5ff42f931d6f8a6c157b76af601585ee60daf316da1ba002b7b15d167e8463521e0419c785774b5b0d4320f482d49f
SSDEEP

3072:giLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoclzoxss7:giLVCIT4WK2z1W+CUHZj4Skq/eaoioC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_67f276d91a83c99ea02ff2bd460a0345238ef5f7676c85d764933a2f7a1e5919
- Size
  
  184KB
- MD5
  
  28049a5de77c1c45e5c3ddb793772787
- SHA1
  
  f7872e10933e05994c21a656fd288e24941e8b7b
- SHA256
  
  67f276d91a83c99ea02ff2bd460a0345238ef5f7676c85d764933a2f7a1e5919
- SHA512
  
  35fdda444140730bf8564874c9f1b283dc5ff42f931d6f8a6c157b76af601585ee60daf316da1ba002b7b15d167e8463521e0419c785774b5b0d4320f482d49f
- SSDEEP
  
  3072:giLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoclzoxss7:giLVCIT4WK2z1W+CUHZj4Skq/eaoioC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader