dridex | c66f60d579a14d1334d138d75be00871c3dba5f9a21d9af32d8fecb007267527 | Triage

Sharing

General

Target

JaffaCakes118_c66f60d579a14d1334d138d75be00871c3dba5f9a21d9af32d8fecb007267527
Size

160KB
Sample

241230-za1vnsxmdn
MD5

7308b1f5db39cbf68b62c136618d3455
SHA1

29fedc5fe42e41519eda175193940c0b6f0be206
SHA256

c66f60d579a14d1334d138d75be00871c3dba5f9a21d9af32d8fecb007267527
SHA512

72309eaa143b7723de37113229c42dcecbe2b8e11279827bc63c7d8aa1b57c540512038b4cc7c50fea0c88a93e15623c34443fa8c050201864c5529fe0a249a7
SSDEEP

3072:pM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8CH6:i52j4pk5zMbVO6/HUIXU8KgMyC

Score

10^/10

dridex 40111 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_c66f60d579a14d1334d138d75be00871c3dba5f9a21d9af32d8fecb007267527
- Size
  
  160KB
- MD5
  
  7308b1f5db39cbf68b62c136618d3455
- SHA1
  
  29fedc5fe42e41519eda175193940c0b6f0be206
- SHA256
  
  c66f60d579a14d1334d138d75be00871c3dba5f9a21d9af32d8fecb007267527
- SHA512
  
  72309eaa143b7723de37113229c42dcecbe2b8e11279827bc63c7d8aa1b57c540512038b4cc7c50fea0c88a93e15623c34443fa8c050201864c5529fe0a249a7
- SSDEEP
  
  3072:pM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8CH6:i52j4pk5zMbVO6/HUIXU8KgMyC
Score

10^/10

dridex 40111 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex40111botnetdiscoveryloader

behavioral2

dridex40111botnetdiscoveryloader