dridex | 3541a783f42ba37e309a335f58b624b04b6e3a97e52a7c3e30d1d9ee556f2086 | Triage

Sharing

General

Target

JaffaCakes118_3541a783f42ba37e309a335f58b624b04b6e3a97e52a7c3e30d1d9ee556f2086
Size

188KB
Sample

241230-e2j11sxrgw
MD5

4c205fff1ab327b17b381c9af2355155
SHA1

2a680292772516dfea3cb572630b29f2992f60a0
SHA256

3541a783f42ba37e309a335f58b624b04b6e3a97e52a7c3e30d1d9ee556f2086
SHA512

b679f386b563db9f536891a365af651bbf70d058c2c8746863742036285ad82e7f0ade08139e00fcbd3f61b58c64950b4400c0dcb1460c95a5ab17ea10eb4518
SSDEEP

3072:ZA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAojo:ZzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_3541a783f42ba37e309a335f58b624b04b6e3a97e52a7c3e30d1d9ee556f2086
- Size
  
  188KB
- MD5
  
  4c205fff1ab327b17b381c9af2355155
- SHA1
  
  2a680292772516dfea3cb572630b29f2992f60a0
- SHA256
  
  3541a783f42ba37e309a335f58b624b04b6e3a97e52a7c3e30d1d9ee556f2086
- SHA512
  
  b679f386b563db9f536891a365af651bbf70d058c2c8746863742036285ad82e7f0ade08139e00fcbd3f61b58c64950b4400c0dcb1460c95a5ab17ea10eb4518
- SSDEEP
  
  3072:ZA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAojo:ZzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader