dridex | 5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...ca.dll

windows7-x64

JaffaCakes...ca.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca
Size

184KB
Sample

241230-gskx3azqgz
MD5

bfcb9c8f19c3a03974700c4119280989
SHA1

c31bb52a09bb54b53a04f8ff64a8ee166df8d4e8
SHA256

5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca
SHA512

2b925873c0a0bcfbeb2dd1ecff17a095abd34bc788643c9dd2b58c86c52a80059103353ab8456acc1cb3488cdb7221f1fbc1a5dacdaba5ad5ade1cbbd1c6929a
SSDEEP

3072:p92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTOrLA:p9NSMOEpQ1Q3ODAr+VK

Score

10^/10

dridex 22203 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca.dll

Resource

win7-20240903-en

dridex 22203 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca.dll

Resource

win10v2004-20241007-en

dridex 22203 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca
- Size
  
  184KB
- MD5
  
  bfcb9c8f19c3a03974700c4119280989
- SHA1
  
  c31bb52a09bb54b53a04f8ff64a8ee166df8d4e8
- SHA256
  
  5b9acea519f4fa2c55f5bd7668190f3985827d70200c2fffb7f8d62f9007b2ca
- SHA512
  
  2b925873c0a0bcfbeb2dd1ecff17a095abd34bc788643c9dd2b58c86c52a80059103353ab8456acc1cb3488cdb7221f1fbc1a5dacdaba5ad5ade1cbbd1c6929a
- SSDEEP
  
  3072:p92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTOrLA:p9NSMOEpQ1Q3ODAr+VK
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader

© 2018-2025

Terms | Privacy