dridex | 052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...94.dll

windows7-x64

JaffaCakes...94.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694
Size

184KB
Sample

241230-xgxeqawmfs
MD5

8ddf7e26a493064bdfa6cc11e25059a7
SHA1

ea57ff2d36444a18160967e08cc67431371a1031
SHA256

052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694
SHA512

00797e9972a6a81cb6928122c3cc22556b1a3d1d910d7c9d0a63f95bbf6cb966e2e03e939feef2a4936a37c1e52059f9e52b922820f98536afbd94933a34b827
SSDEEP

3072:L92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMT9rLA:L9NSMOEpQ1Q3ODAr+Vd

Score

10^/10

dridex 22203 botnet discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694.dll

Resource

win7-20240903-en

dridex 22203 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694.dll

Resource

win10v2004-20241007-en

dridex 22203 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694
- Size
  
  184KB
- MD5
  
  8ddf7e26a493064bdfa6cc11e25059a7
- SHA1
  
  ea57ff2d36444a18160967e08cc67431371a1031
- SHA256
  
  052a4384ea98df612a6d7049025d15f92d9b1f9f318b1aa3849d4492b7b17694
- SHA512
  
  00797e9972a6a81cb6928122c3cc22556b1a3d1d910d7c9d0a63f95bbf6cb966e2e03e939feef2a4936a37c1e52059f9e52b922820f98536afbd94933a34b827
- SSDEEP
  
  3072:L92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMT9rLA:L9NSMOEpQ1Q3ODAr+Vd
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader

© 2018-2025

Terms | Privacy