dridex | b709a796aa3fc786b802b19ee75b9e78bd0b0f06818efc1533df141bf14062ce | Triage

Sharing

General

Target

JaffaCakes118_b709a796aa3fc786b802b19ee75b9e78bd0b0f06818efc1533df141bf14062ce
Size

160KB
Sample

241230-yvj7zswpfn
MD5

5415e61cd21e268aa789ef3088d85613
SHA1

109f8d0f221d088b6bb8c38b9a9d18c1014f2d3a
SHA256

b709a796aa3fc786b802b19ee75b9e78bd0b0f06818efc1533df141bf14062ce
SHA512

cbd54a91ca96c0f4d66f6ef67d2d1702bca93113fc1683c5e0c6b479a6518f82ba94ab3788687fdc033360f198ea7bb26e855a5e575963e16645ef2890b9f4c0
SSDEEP

3072:ZU5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8XH6:e52j4pk5zMbVO6/HUIXU8KgMyX

Score

10^/10

dridex 40111 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_b709a796aa3fc786b802b19ee75b9e78bd0b0f06818efc1533df141bf14062ce
- Size
  
  160KB
- MD5
  
  5415e61cd21e268aa789ef3088d85613
- SHA1
  
  109f8d0f221d088b6bb8c38b9a9d18c1014f2d3a
- SHA256
  
  b709a796aa3fc786b802b19ee75b9e78bd0b0f06818efc1533df141bf14062ce
- SHA512
  
  cbd54a91ca96c0f4d66f6ef67d2d1702bca93113fc1683c5e0c6b479a6518f82ba94ab3788687fdc033360f198ea7bb26e855a5e575963e16645ef2890b9f4c0
- SSDEEP
  
  3072:ZU5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8XH6:e52j4pk5zMbVO6/HUIXU8KgMyX
Score

10^/10

dridex 40111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetdiscoveryloader

behavioral2

dridex40111botnetdiscoveryloader