dridex | 26a5dfbefece254912fb9226e445dbfd5296d1347858e7a295b4c42d3333561b | Triage

Sharing

General

Target

JaffaCakes118_26a5dfbefece254912fb9226e445dbfd5296d1347858e7a295b4c42d3333561b
Size

188KB
Sample

241230-ytb5zsyqfs
MD5

eecbdfa5dfd4dee5638426c7a93d9940
SHA1

26119fb7b4aebb5b62a4de6a09715c9ce0f06c11
SHA256

26a5dfbefece254912fb9226e445dbfd5296d1347858e7a295b4c42d3333561b
SHA512

2fa8679801f8903eacdf35cddecd66653b64b3ef31a87431695b12c17b13a06071d8d836326010297ba5f7188be93517b3882fdfdd497c0ee66f5435d95260e2
SSDEEP

3072:3A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:3zIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_26a5dfbefece254912fb9226e445dbfd5296d1347858e7a295b4c42d3333561b
- Size
  
  188KB
- MD5
  
  eecbdfa5dfd4dee5638426c7a93d9940
- SHA1
  
  26119fb7b4aebb5b62a4de6a09715c9ce0f06c11
- SHA256
  
  26a5dfbefece254912fb9226e445dbfd5296d1347858e7a295b4c42d3333561b
- SHA512
  
  2fa8679801f8903eacdf35cddecd66653b64b3ef31a87431695b12c17b13a06071d8d836326010297ba5f7188be93517b3882fdfdd497c0ee66f5435d95260e2
- SSDEEP
  
  3072:3A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:3zIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader