dridex | 81da9e4388ceab6d46b72420f0dc334283b9746cd35d74dc03fc5428700d2902 | Triage

Sharing

General

Target

JaffaCakes118_81da9e4388ceab6d46b72420f0dc334283b9746cd35d74dc03fc5428700d2902
Size

160KB
Sample

241230-x75tsavndq
MD5

194861d30620e1b9735c1735ac818822
SHA1

c818ddde698033b7ff194b0f57a510d094f2f359
SHA256

81da9e4388ceab6d46b72420f0dc334283b9746cd35d74dc03fc5428700d2902
SHA512

214d9264669d05e7794311ffcad9525e2ba02bedec9f7b9db234792951708a2fecb6958df909056ac6bc9e53606402806a7831bac3bd29f2f50345c06fc4511f
SSDEEP

3072:es5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8kH6:552j4pk5zMbVO6/HUIXU8KgMyk

Score

10^/10

dridex 40111 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_81da9e4388ceab6d46b72420f0dc334283b9746cd35d74dc03fc5428700d2902
- Size
  
  160KB
- MD5
  
  194861d30620e1b9735c1735ac818822
- SHA1
  
  c818ddde698033b7ff194b0f57a510d094f2f359
- SHA256
  
  81da9e4388ceab6d46b72420f0dc334283b9746cd35d74dc03fc5428700d2902
- SHA512
  
  214d9264669d05e7794311ffcad9525e2ba02bedec9f7b9db234792951708a2fecb6958df909056ac6bc9e53606402806a7831bac3bd29f2f50345c06fc4511f
- SSDEEP
  
  3072:es5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8kH6:552j4pk5zMbVO6/HUIXU8KgMyk
Score

10^/10

dridex 40111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetdiscoveryloader

behavioral2

dridex40111botnetdiscoveryloader