dridex | 07497843547dcd34de45ca66c1ac941a02a0efd247459c9346ab235d54a000b2 | Triage

Sharing

General

Target

JaffaCakes118_07497843547dcd34de45ca66c1ac941a02a0efd247459c9346ab235d54a000b2
Size

184KB
Sample

241230-ahgz4a1nhp
MD5

769b375eb88f957b2675f9241e65e120
SHA1

9661bf5c06f1fad297fee2ec5273cbdcfa75bfbc
SHA256

07497843547dcd34de45ca66c1ac941a02a0efd247459c9346ab235d54a000b2
SHA512

13d7059dba224e1461a4f9de28002dc6ed8f30668b6d125e94bb6d25729c29c837e8219f6a80c6c8af0e103adffbb36917e3690acb3dc5fab05b6b59e4b43a59
SSDEEP

3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoVlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao7oC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_07497843547dcd34de45ca66c1ac941a02a0efd247459c9346ab235d54a000b2
- Size
  
  184KB
- MD5
  
  769b375eb88f957b2675f9241e65e120
- SHA1
  
  9661bf5c06f1fad297fee2ec5273cbdcfa75bfbc
- SHA256
  
  07497843547dcd34de45ca66c1ac941a02a0efd247459c9346ab235d54a000b2
- SHA512
  
  13d7059dba224e1461a4f9de28002dc6ed8f30668b6d125e94bb6d25729c29c837e8219f6a80c6c8af0e103adffbb36917e3690acb3dc5fab05b6b59e4b43a59
- SSDEEP
  
  3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoVlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao7oC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader