dridex | 786e142e43950916f463363441c2db4481a6e52292af6e116bc28fa506f82c1e | Triage

Sharing

General

Target

JaffaCakes118_786e142e43950916f463363441c2db4481a6e52292af6e116bc28fa506f82c1e
Size

188KB
Sample

241230-e7skcaykeq
MD5

9cbeca7209d83b32c94d625c609a57cf
SHA1

96474969466fd2f412d8b9eb124e2b453e162ef9
SHA256

786e142e43950916f463363441c2db4481a6e52292af6e116bc28fa506f82c1e
SHA512

061abdb79862a5c8e842cea92b055aba0564962829273a1e29752a69574571fe50ece0e64dad9d32da1476f85e1203b4fc588c2de307686528abae9dd4a7c6c6
SSDEEP

3072:jA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo/o:jzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_786e142e43950916f463363441c2db4481a6e52292af6e116bc28fa506f82c1e
- Size
  
  188KB
- MD5
  
  9cbeca7209d83b32c94d625c609a57cf
- SHA1
  
  96474969466fd2f412d8b9eb124e2b453e162ef9
- SHA256
  
  786e142e43950916f463363441c2db4481a6e52292af6e116bc28fa506f82c1e
- SHA512
  
  061abdb79862a5c8e842cea92b055aba0564962829273a1e29752a69574571fe50ece0e64dad9d32da1476f85e1203b4fc588c2de307686528abae9dd4a7c6c6
- SSDEEP
  
  3072:jA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo/o:jzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader