dridex | 5c118fb019cdf926c8a17da7693594b6c593cf54f9ca4288d002109a7ac76b51 | Triage

Sharing

General

Target

JaffaCakes118_5c118fb019cdf926c8a17da7693594b6c593cf54f9ca4288d002109a7ac76b51
Size

188KB
Sample

241230-w3crrsvqey
MD5

03d0982d82a12e2581955ddedcc0009b
SHA1

a60a78473c0cf920ce307b7a952baf9b3b0a6807
SHA256

5c118fb019cdf926c8a17da7693594b6c593cf54f9ca4288d002109a7ac76b51
SHA512

c99709361903d37b9c7c1fef5884e78e60d4d0caab3a9392e67c0b5a3339f5530b190b35c737392c0219c306331f2c08c35947d427544c0b3bfb7621c95645a3
SSDEEP

3072:8A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo4o:8zIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5c118fb019cdf926c8a17da7693594b6c593cf54f9ca4288d002109a7ac76b51
- Size
  
  188KB
- MD5
  
  03d0982d82a12e2581955ddedcc0009b
- SHA1
  
  a60a78473c0cf920ce307b7a952baf9b3b0a6807
- SHA256
  
  5c118fb019cdf926c8a17da7693594b6c593cf54f9ca4288d002109a7ac76b51
- SHA512
  
  c99709361903d37b9c7c1fef5884e78e60d4d0caab3a9392e67c0b5a3339f5530b190b35c737392c0219c306331f2c08c35947d427544c0b3bfb7621c95645a3
- SSDEEP
  
  3072:8A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo4o:8zIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader