dridex | e95c60370891081d162ebb89e691e588bc24107507c3609daa6d0f0ba108a570 | Triage

Sharing

General

Target

JaffaCakes118_e95c60370891081d162ebb89e691e588bc24107507c3609daa6d0f0ba108a570
Size

188KB
Sample

241230-y15e4szkhs
MD5

0fa743520e01b6455d67d9402aae46af
SHA1

55813da18232c05e2864667a898438b482d84a32
SHA256

e95c60370891081d162ebb89e691e588bc24107507c3609daa6d0f0ba108a570
SHA512

66fcdf3d2e1a0959350052aff50a8797e0eb61b82d7365065ef39a507268c650dfa924fcd6af97ffdd5ac711ab133ee740d621a0514c2644f8dc373bcecae6dc
SSDEEP

3072:RA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:RzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_e95c60370891081d162ebb89e691e588bc24107507c3609daa6d0f0ba108a570
- Size
  
  188KB
- MD5
  
  0fa743520e01b6455d67d9402aae46af
- SHA1
  
  55813da18232c05e2864667a898438b482d84a32
- SHA256
  
  e95c60370891081d162ebb89e691e588bc24107507c3609daa6d0f0ba108a570
- SHA512
  
  66fcdf3d2e1a0959350052aff50a8797e0eb61b82d7365065ef39a507268c650dfa924fcd6af97ffdd5ac711ab133ee740d621a0514c2644f8dc373bcecae6dc
- SSDEEP
  
  3072:RA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:RzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader