dridex | 754cb130df0dc1f7600a6bab040ac362e8aa9abe5a91150e2733f694bb81cb87 | Triage

Sharing

General

Target

JaffaCakes118_754cb130df0dc1f7600a6bab040ac362e8aa9abe5a91150e2733f694bb81cb87
Size

184KB
Sample

241230-bzpa6stlcw
MD5

943ca46543913ba6af8c8c3ef9bb858e
SHA1

15e33b7f43069e64c977282fb57560380381af63
SHA256

754cb130df0dc1f7600a6bab040ac362e8aa9abe5a91150e2733f694bb81cb87
SHA512

a0860d9494769ec37a644005ed8945fc8ff4e11095f6f7fdd6bc41d29bc220ddbf93bb55acb024592d15210132e5d8d6a7a4a9e7ae967c7223997cfab85a2da4
SSDEEP

3072:xiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao2lzoxss7:xiLVCIT4WK2z1W+CUHZj4Skq/eaokoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_754cb130df0dc1f7600a6bab040ac362e8aa9abe5a91150e2733f694bb81cb87
- Size
  
  184KB
- MD5
  
  943ca46543913ba6af8c8c3ef9bb858e
- SHA1
  
  15e33b7f43069e64c977282fb57560380381af63
- SHA256
  
  754cb130df0dc1f7600a6bab040ac362e8aa9abe5a91150e2733f694bb81cb87
- SHA512
  
  a0860d9494769ec37a644005ed8945fc8ff4e11095f6f7fdd6bc41d29bc220ddbf93bb55acb024592d15210132e5d8d6a7a4a9e7ae967c7223997cfab85a2da4
- SSDEEP
  
  3072:xiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao2lzoxss7:xiLVCIT4WK2z1W+CUHZj4Skq/eaokoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader