dridex | d3362872a109882ba53256415a24e60795ba356d4596a75a04556ea712bf66ca | Triage

Sharing

General

Target

JaffaCakes118_d3362872a109882ba53256415a24e60795ba356d4596a75a04556ea712bf66ca
Size

177KB
Sample

241230-ef4hjaxmdv
MD5

800745c35fb5a6c4d02ff9ec6fd75143
SHA1

259cf9a3ee78b4fbb666d58fcc3c6b2f545b32e3
SHA256

d3362872a109882ba53256415a24e60795ba356d4596a75a04556ea712bf66ca
SHA512

b3302962397f9804694ae284bbebf25be91c839659b82432b428e0d9345e400c88d5756a1d1db06bca848ef180cdc1fae5b17cbcad637c928022a2bdc5a5237f
SSDEEP

3072:AuCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJ:szWxkOP4p2EesvcDi6DOHPJ

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

144.76.1.150:443

50.249.212.98:23399

104.168.154.79:5007

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_d3362872a109882ba53256415a24e60795ba356d4596a75a04556ea712bf66ca
- Size
  
  177KB
- MD5
  
  800745c35fb5a6c4d02ff9ec6fd75143
- SHA1
  
  259cf9a3ee78b4fbb666d58fcc3c6b2f545b32e3
- SHA256
  
  d3362872a109882ba53256415a24e60795ba356d4596a75a04556ea712bf66ca
- SHA512
  
  b3302962397f9804694ae284bbebf25be91c839659b82432b428e0d9345e400c88d5756a1d1db06bca848ef180cdc1fae5b17cbcad637c928022a2bdc5a5237f
- SSDEEP
  
  3072:AuCmyBVtWxZCOCA4Hpl1tv18FTETA8ocya/OyoSJPAacbnid8DOHPJ+HJ:szWxkOP4p2EesvcDi6DOHPJ
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader