dridex | 941f38369fb60ca040edef43f6bb65d7354eee627fb360b1a6a3e68fb173a84b | Triage

Sharing

General

Target

JaffaCakes118_941f38369fb60ca040edef43f6bb65d7354eee627fb360b1a6a3e68fb173a84b
Size

184KB
Sample

241230-wntrqsvlay
MD5

68200323c890ea1f32247b19ef090f6c
SHA1

0ff8a635d42fa98f71283a518607b58a519b51b5
SHA256

941f38369fb60ca040edef43f6bb65d7354eee627fb360b1a6a3e68fb173a84b
SHA512

8ff1751930c0f72e0296ac60901f55e74a75ebcc9b6c42d41a403ed2a2c8c0dd75a5185657733eb9c48690eb5cffdad4f5bed203f9ca8e490189d0e47fb568aa
SSDEEP

3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaogoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_941f38369fb60ca040edef43f6bb65d7354eee627fb360b1a6a3e68fb173a84b
- Size
  
  184KB
- MD5
  
  68200323c890ea1f32247b19ef090f6c
- SHA1
  
  0ff8a635d42fa98f71283a518607b58a519b51b5
- SHA256
  
  941f38369fb60ca040edef43f6bb65d7354eee627fb360b1a6a3e68fb173a84b
- SHA512
  
  8ff1751930c0f72e0296ac60901f55e74a75ebcc9b6c42d41a403ed2a2c8c0dd75a5185657733eb9c48690eb5cffdad4f5bed203f9ca8e490189d0e47fb568aa
- SSDEEP
  
  3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaogoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader