dridex | 226514f0da6af179670005e468c7fe31c386bf96d4c4a23045a73ce810d19210 | Triage

Sharing

General

Target

JaffaCakes118_226514f0da6af179670005e468c7fe31c386bf96d4c4a23045a73ce810d19210
Size

178KB
Sample

241230-yqqh7swmgq
MD5

270c5c7161ef5cdba77cfb3dd35a3924
SHA1

d72a7e02f5b17e1d48f56865029098c3bab3e4dd
SHA256

226514f0da6af179670005e468c7fe31c386bf96d4c4a23045a73ce810d19210
SHA512

21340ecbc47a9f21068474674242c167fb298eaf006da415bfee58752b382b9e1856b3db06543e060180fe721a663d66acc725214883b28a38d8335edf35c46f
SSDEEP

3072:aZUVAk9rsXo3/Ifz/uUXF2mSPBxv1tM7lt8jPU6/pyagsuAtuUucGZ2:aUAk9I4vgz/V2dulz6/hvHhG

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

142.93.223.149:443

128.199.36.62:4664

50.116.54.215:13786

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_226514f0da6af179670005e468c7fe31c386bf96d4c4a23045a73ce810d19210
- Size
  
  178KB
- MD5
  
  270c5c7161ef5cdba77cfb3dd35a3924
- SHA1
  
  d72a7e02f5b17e1d48f56865029098c3bab3e4dd
- SHA256
  
  226514f0da6af179670005e468c7fe31c386bf96d4c4a23045a73ce810d19210
- SHA512
  
  21340ecbc47a9f21068474674242c167fb298eaf006da415bfee58752b382b9e1856b3db06543e060180fe721a663d66acc725214883b28a38d8335edf35c46f
- SSDEEP
  
  3072:aZUVAk9rsXo3/Ifz/uUXF2mSPBxv1tM7lt8jPU6/pyagsuAtuUucGZ2:aUAk9I4vgz/V2dulz6/hvHhG
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader