dridex | 626ab033b379a1b3d3cbd69b4061fb912cbc56e327ec6f364f6efe19a1ab823e | Triage

Sharing

General

Target

JaffaCakes118_626ab033b379a1b3d3cbd69b4061fb912cbc56e327ec6f364f6efe19a1ab823e
Size

188KB
Sample

241230-fa4rsaykgz
MD5

0c07186e2c6e6b7c42f1faef6bb6f696
SHA1

1541eee1aa9d22d62318466764f1971c8d968e91
SHA256

626ab033b379a1b3d3cbd69b4061fb912cbc56e327ec6f364f6efe19a1ab823e
SHA512

edffdedc97b6fae3eb45d04b45a11641263a409b03b573d53875041ac143e2d38bcbd985a4af2cf2f9a6aadf4df7de4e28c1d0815c1ba2b988046872d0cfb040
SSDEEP

3072:DA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoKo:DzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_626ab033b379a1b3d3cbd69b4061fb912cbc56e327ec6f364f6efe19a1ab823e
- Size
  
  188KB
- MD5
  
  0c07186e2c6e6b7c42f1faef6bb6f696
- SHA1
  
  1541eee1aa9d22d62318466764f1971c8d968e91
- SHA256
  
  626ab033b379a1b3d3cbd69b4061fb912cbc56e327ec6f364f6efe19a1ab823e
- SHA512
  
  edffdedc97b6fae3eb45d04b45a11641263a409b03b573d53875041ac143e2d38bcbd985a4af2cf2f9a6aadf4df7de4e28c1d0815c1ba2b988046872d0cfb040
- SSDEEP
  
  3072:DA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoKo:DzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader