dridex | 1363dc248643987ee2846a3cbcc26256347ff5605b670398c36df022a561a9ef | Triage

Sharing

General

Target

JaffaCakes118_1363dc248643987ee2846a3cbcc26256347ff5605b670398c36df022a561a9ef
Size

188KB
Sample

241230-ep9e5sxpcj
MD5

31908547c5c7f321dd0b991ad1307021
SHA1

48d1ed526d39e6fa1f63ef07af8216497b39abc3
SHA256

1363dc248643987ee2846a3cbcc26256347ff5605b670398c36df022a561a9ef
SHA512

25e63780d32c2a7b491df715d2e5638db8d9ffa72fb3f08d510c161b675aec1201b7972e705d8872e4b26439b2fe058f32c5e546481a83887b1feb9e0352dae5
SSDEEP

3072:KA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoNo:KzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_1363dc248643987ee2846a3cbcc26256347ff5605b670398c36df022a561a9ef
- Size
  
  188KB
- MD5
  
  31908547c5c7f321dd0b991ad1307021
- SHA1
  
  48d1ed526d39e6fa1f63ef07af8216497b39abc3
- SHA256
  
  1363dc248643987ee2846a3cbcc26256347ff5605b670398c36df022a561a9ef
- SHA512
  
  25e63780d32c2a7b491df715d2e5638db8d9ffa72fb3f08d510c161b675aec1201b7972e705d8872e4b26439b2fe058f32c5e546481a83887b1feb9e0352dae5
- SSDEEP
  
  3072:KA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoNo:KzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader