dridex | da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5 | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...d5.dll

windows7-x64

JaffaCakes...d5.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5
Size

166KB
Sample

241230-xy8jbaxkh1
MD5

25da0cc99cb43e36edcfcb2d63778d8c
SHA1

ab34bd5ffaf7ba3e50d7ba7d56a03b497558a803
SHA256

da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5
SHA512

d0933a7f20971d2c51c3cb3723c8389ab51501c56c8b4e53ecd37d468c1e955d7cf73acdb93b55ca99fd4185bd7e06c71ecd8cc5e0e8df4c4797be40aea12612
SSDEEP

3072:vBoQc0M7/8wZQvUlM7EF+V2xReSbHNjztUJQ8eHPD:5uhcclWEc2HeSjNjGdevD

Score

10^/10

dridex 22203 botnet discovery loader

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5.dll

Resource

win7-20241023-en

dridex 22203 botnet discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5.dll

Resource

win10v2004-20241007-en

dridex 22203 botnet discovery loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5
- Size
  
  166KB
- MD5
  
  25da0cc99cb43e36edcfcb2d63778d8c
- SHA1
  
  ab34bd5ffaf7ba3e50d7ba7d56a03b497558a803
- SHA256
  
  da838509b60e95dc3a1f906a6a6139ce1a2dabf164639c42c41c36fe5b3c86d5
- SHA512
  
  d0933a7f20971d2c51c3cb3723c8389ab51501c56c8b4e53ecd37d468c1e955d7cf73acdb93b55ca99fd4185bd7e06c71ecd8cc5e0e8df4c4797be40aea12612
- SSDEEP
  
  3072:vBoQc0M7/8wZQvUlM7EF+V2xReSbHNjztUJQ8eHPD:5uhcclWEc2HeSjNjGdevD
Score

10^/10

dridex 22203 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22203botnetdiscoveryloader

behavioral2

dridex22203botnetdiscoveryloader

© 2018-2025

Terms | Privacy