dridex | 86414652da29c90ae1e4cfbdeef76d3871da76a56f17868243437c43c1cd2d54 | Triage

Sharing

General

Target

JaffaCakes118_86414652da29c90ae1e4cfbdeef76d3871da76a56f17868243437c43c1cd2d54
Size

188KB
Sample

241230-d4yfraxjap
MD5

7f786e6f0f895db493694d93d9525353
SHA1

b523b9fca590849c96a1321948259fc6a4b516db
SHA256

86414652da29c90ae1e4cfbdeef76d3871da76a56f17868243437c43c1cd2d54
SHA512

ef1806b9bfbc0fae1fea81169163a987d20d239169cf8174608554c1e047949ab68d0d40923516c112d147859dc3907c96d6daae573611e8e43b19f247da076f
SSDEEP

3072:9teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzR9qM:Jq7fYIHBZkTB6DWruUCOwjt

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_86414652da29c90ae1e4cfbdeef76d3871da76a56f17868243437c43c1cd2d54
- Size
  
  188KB
- MD5
  
  7f786e6f0f895db493694d93d9525353
- SHA1
  
  b523b9fca590849c96a1321948259fc6a4b516db
- SHA256
  
  86414652da29c90ae1e4cfbdeef76d3871da76a56f17868243437c43c1cd2d54
- SHA512
  
  ef1806b9bfbc0fae1fea81169163a987d20d239169cf8174608554c1e047949ab68d0d40923516c112d147859dc3907c96d6daae573611e8e43b19f247da076f
- SSDEEP
  
  3072:9teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzR9qM:Jq7fYIHBZkTB6DWruUCOwjt
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader