dridex | f35f3521db0090fbc27d9efbbcb14775ea902e45a9d9fa038488b4d11e175c08 | Triage

Sharing

General

Target

JaffaCakes118_f35f3521db0090fbc27d9efbbcb14775ea902e45a9d9fa038488b4d11e175c08
Size

160KB
Sample

241230-wxen6svpat
MD5

927ec3dfef11e49978fadc4c6b3c32cc
SHA1

090f47ce161eff121ddf776bb62e57f02a6759dc
SHA256

f35f3521db0090fbc27d9efbbcb14775ea902e45a9d9fa038488b4d11e175c08
SHA512

9a6b6b370817820f4e068ba2be958848d09059dc0970124433bc9872791bc2b12d9f2dd4725221bbaeefd199d3fa2a63389c5bbf6ac5b064a5cab5907a991837
SSDEEP

3072:sF5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:m52j4pk5zMbVO6/HUIXU8KgMyD

Score

10^/10

dridex 40111 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_f35f3521db0090fbc27d9efbbcb14775ea902e45a9d9fa038488b4d11e175c08
- Size
  
  160KB
- MD5
  
  927ec3dfef11e49978fadc4c6b3c32cc
- SHA1
  
  090f47ce161eff121ddf776bb62e57f02a6759dc
- SHA256
  
  f35f3521db0090fbc27d9efbbcb14775ea902e45a9d9fa038488b4d11e175c08
- SHA512
  
  9a6b6b370817820f4e068ba2be958848d09059dc0970124433bc9872791bc2b12d9f2dd4725221bbaeefd199d3fa2a63389c5bbf6ac5b064a5cab5907a991837
- SSDEEP
  
  3072:sF5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:m52j4pk5zMbVO6/HUIXU8KgMyD
Score

10^/10

dridex 40111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetdiscoveryloader

behavioral2

dridex40111botnetdiscoveryloader