dridex | 5a08b9b6ca773814e9b89d9196422a9fcd827f28f4fe65f04415af82078c5b1b | Triage

Sharing

General

Target

JaffaCakes118_5a08b9b6ca773814e9b89d9196422a9fcd827f28f4fe65f04415af82078c5b1b
Size

184KB
Sample

241230-ygwzmawjdn
MD5

fe1443cabffe0762a98f2bb5d3930764
SHA1

c0b93ee0278ad0bac8d5bc2743ffdc96245e1392
SHA256

5a08b9b6ca773814e9b89d9196422a9fcd827f28f4fe65f04415af82078c5b1b
SHA512

56eed3cfc3a9ace0b787df62d04c647049a678223cb31faff09d0d5f43e876191f22e9d0b5a1e838a71cd0c82ca61ade4a24a94a01943d28ec06351c02bb65c4
SSDEEP

3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoMlzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaoyoC

Score

10^/10

dridex 22202 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_5a08b9b6ca773814e9b89d9196422a9fcd827f28f4fe65f04415af82078c5b1b
- Size
  
  184KB
- MD5
  
  fe1443cabffe0762a98f2bb5d3930764
- SHA1
  
  c0b93ee0278ad0bac8d5bc2743ffdc96245e1392
- SHA256
  
  5a08b9b6ca773814e9b89d9196422a9fcd827f28f4fe65f04415af82078c5b1b
- SHA512
  
  56eed3cfc3a9ace0b787df62d04c647049a678223cb31faff09d0d5f43e876191f22e9d0b5a1e838a71cd0c82ca61ade4a24a94a01943d28ec06351c02bb65c4
- SSDEEP
  
  3072:diLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoMlzoxss7:diLVCIT4WK2z1W+CUHZj4Skq/eaoyoC
Score

10^/10

dridex 22202 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22202botnetdiscoveryloader

behavioral2

dridex22202botnetdiscoveryloader