dridex

General

Target

JaffaCakes118_9a8ca3a15389cf4f3c1965f4287bca01ccd7fe9ca0285075b11be1cdbfa73909
Size

159KB
Sample

241230-gmdlsszphs
MD5

eb790d6da10de4520872ba55368d2a33
SHA1

7fe01beb31155b5769e285972dd97033199c37e6
SHA256

9a8ca3a15389cf4f3c1965f4287bca01ccd7fe9ca0285075b11be1cdbfa73909
SHA512

8cfd29fabd28aa03b925ff07e72f9e47fab38d6859dd596e4d006db5f7935dc358abb3da6491f7588741b4b25ed81ee49fbec2b2b9c636b1d7752d05d3c351c7
SSDEEP

3072:3d8CMtKJlXoDFwXrdV/9/uWIdojDZl4epTGmoAc7iTRilfn6wlYYmZwd:unClX8WZ7/HrRCADTR0Vl0Zw

Score

10^/10

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain

Targets

- Target
  
  JaffaCakes118_9a8ca3a15389cf4f3c1965f4287bca01ccd7fe9ca0285075b11be1cdbfa73909
- Size
  
  159KB
- MD5
  
  eb790d6da10de4520872ba55368d2a33
- SHA1
  
  7fe01beb31155b5769e285972dd97033199c37e6
- SHA256
  
  9a8ca3a15389cf4f3c1965f4287bca01ccd7fe9ca0285075b11be1cdbfa73909
- SHA512
  
  8cfd29fabd28aa03b925ff07e72f9e47fab38d6859dd596e4d006db5f7935dc358abb3da6491f7588741b4b25ed81ee49fbec2b2b9c636b1d7752d05d3c351c7
- SSDEEP
  
  3072:3d8CMtKJlXoDFwXrdV/9/uWIdojDZl4epTGmoAc7iTRilfn6wlYYmZwd:unClX8WZ7/HrRCADTR0Vl0Zw
Score

10^/10

dridex 22203 botnet discovery evasion loader trojan
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Dridex family

Dridex Loader

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2