dridex | aec7f3d2989d5868f8bd1d804fd172d0ca44b1cd309a03a4ed45ad53a89fb929 | Triage

Sharing

General

Target

JaffaCakes118_aec7f3d2989d5868f8bd1d804fd172d0ca44b1cd309a03a4ed45ad53a89fb929
Size

184KB
Sample

241230-bzfzsstmap
MD5

1cabb8f61924e306fb1aebc61b58a2c1
SHA1

aa1d3655c71cc77b975618a2fcd87025519cdc55
SHA256

aec7f3d2989d5868f8bd1d804fd172d0ca44b1cd309a03a4ed45ad53a89fb929
SHA512

4ee115fa2a9b2f9e1744694cc3b497cff50ca32cb8b07368dfed723e9796322741318c1d20dea3ad5886bbd0feffec7b9aa92e9e03728bcd42110a6dacb496cc
SSDEEP

3072:SiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaonlzoxss7:SiLVCIT4WK2z1W+CUHZj4Skq/eaoVoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_aec7f3d2989d5868f8bd1d804fd172d0ca44b1cd309a03a4ed45ad53a89fb929
- Size
  
  184KB
- MD5
  
  1cabb8f61924e306fb1aebc61b58a2c1
- SHA1
  
  aa1d3655c71cc77b975618a2fcd87025519cdc55
- SHA256
  
  aec7f3d2989d5868f8bd1d804fd172d0ca44b1cd309a03a4ed45ad53a89fb929
- SHA512
  
  4ee115fa2a9b2f9e1744694cc3b497cff50ca32cb8b07368dfed723e9796322741318c1d20dea3ad5886bbd0feffec7b9aa92e9e03728bcd42110a6dacb496cc
- SSDEEP
  
  3072:SiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaonlzoxss7:SiLVCIT4WK2z1W+CUHZj4Skq/eaoVoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader