dridex | d7ce2cdd2564368559ad4871bcacb2a8b6f444b2653f510387c83f8922acfa1f | Triage

Sharing

General

Target

JaffaCakes118_d7ce2cdd2564368559ad4871bcacb2a8b6f444b2653f510387c83f8922acfa1f
Size

188KB
Sample

241230-z77z9ayrcq
MD5

5e3ff5a0ce0ea73234bc4ac6f3a243b7
SHA1

dcfe3d78ef4feda2f3b22a755264a8c46468b9c5
SHA256

d7ce2cdd2564368559ad4871bcacb2a8b6f444b2653f510387c83f8922acfa1f
SHA512

d7c392006c5df1231a576f7a27edcce9b5699e3700684f4b9a902f348ae279ce249b683e2af5c6cdb4fb2168baa80bc8a6c050f09b41ae4334941cf8ff8ca4e8
SSDEEP

3072:WA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoIo:WzIqATVfQeV2FZalKq6jtGJWuTmd

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_d7ce2cdd2564368559ad4871bcacb2a8b6f444b2653f510387c83f8922acfa1f
- Size
  
  188KB
- MD5
  
  5e3ff5a0ce0ea73234bc4ac6f3a243b7
- SHA1
  
  dcfe3d78ef4feda2f3b22a755264a8c46468b9c5
- SHA256
  
  d7ce2cdd2564368559ad4871bcacb2a8b6f444b2653f510387c83f8922acfa1f
- SHA512
  
  d7c392006c5df1231a576f7a27edcce9b5699e3700684f4b9a902f348ae279ce249b683e2af5c6cdb4fb2168baa80bc8a6c050f09b41ae4334941cf8ff8ca4e8
- SSDEEP
  
  3072:WA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoIo:WzIqATVfQeV2FZalKq6jtGJWuTmd
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader