dridex | 7e1b40e2eef9f61fdfa320c4fe9046ac575112f908cd1c1a0bbe78957c539205 | Triage

Sharing

General

Target

JaffaCakes118_7e1b40e2eef9f61fdfa320c4fe9046ac575112f908cd1c1a0bbe78957c539205
Size

188KB
Sample

241230-xcrzfatkdj
MD5

0b06a05cfb7c4c0dff6f8260f30e6714
SHA1

970516963e4672941278fe106f5a1de57b91ecd9
SHA256

7e1b40e2eef9f61fdfa320c4fe9046ac575112f908cd1c1a0bbe78957c539205
SHA512

23a256d5ef61f43aa869d985700ea0547fd53384ec4376c972b571e001d1046731e6ee18092af1a08aa2b6ab301f8fba58ecd719e0f56036430e2fcac7045229
SSDEEP

3072:VA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAopo:VzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_7e1b40e2eef9f61fdfa320c4fe9046ac575112f908cd1c1a0bbe78957c539205
- Size
  
  188KB
- MD5
  
  0b06a05cfb7c4c0dff6f8260f30e6714
- SHA1
  
  970516963e4672941278fe106f5a1de57b91ecd9
- SHA256
  
  7e1b40e2eef9f61fdfa320c4fe9046ac575112f908cd1c1a0bbe78957c539205
- SHA512
  
  23a256d5ef61f43aa869d985700ea0547fd53384ec4376c972b571e001d1046731e6ee18092af1a08aa2b6ab301f8fba58ecd719e0f56036430e2fcac7045229
- SSDEEP
  
  3072:VA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAopo:VzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader