dridex | 081151867aad555a2c20f5b094bf696f20ce1473d73391b0257a893ff4b023e6 | Triage

Sharing

General

Target

JaffaCakes118_081151867aad555a2c20f5b094bf696f20ce1473d73391b0257a893ff4b023e6
Size

188KB
Sample

241230-w3a8yaspgm
MD5

55b4d56191e437b73e84ebf937593215
SHA1

8ad09ad2f52c862493b30c1430273ef9e41562a8
SHA256

081151867aad555a2c20f5b094bf696f20ce1473d73391b0257a893ff4b023e6
SHA512

60c07120a18899a9fcbfb04f09dcfcda76e347177cf008b9975f4112b85ad24de440a5c8e1f83458c60ee4d846aa886e95d7efbca2a0ac53b7668c7ed966b93a
SSDEEP

3072:zA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoao:zzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_081151867aad555a2c20f5b094bf696f20ce1473d73391b0257a893ff4b023e6
- Size
  
  188KB
- MD5
  
  55b4d56191e437b73e84ebf937593215
- SHA1
  
  8ad09ad2f52c862493b30c1430273ef9e41562a8
- SHA256
  
  081151867aad555a2c20f5b094bf696f20ce1473d73391b0257a893ff4b023e6
- SHA512
  
  60c07120a18899a9fcbfb04f09dcfcda76e347177cf008b9975f4112b85ad24de440a5c8e1f83458c60ee4d846aa886e95d7efbca2a0ac53b7668c7ed966b93a
- SSDEEP
  
  3072:zA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoao:zzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader