dridex | 65b2a71e8172d5d4e07102152c69eede97d2ceb1da8c00b83af53a037eb41bea | Triage

Sharing

General

Target

JaffaCakes118_24c59e71e91bb28defa958d0461a1e1e
Size

180KB
Sample

250106-p4gzjsyral
MD5

24c59e71e91bb28defa958d0461a1e1e
SHA1

84bea40928f1036598fd7d1f102951e6b36a9424
SHA256

65b2a71e8172d5d4e07102152c69eede97d2ceb1da8c00b83af53a037eb41bea
SHA512

3239aab1150504a14a69d586b45718182f61904c8ab06167112d3d86db4c0ac4db5ec7d729c0a71359c5374de724b2471fb346861f9b9f62164810ecbcf522a1
SSDEEP

3072:TBp0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5Sea:TBp0bG6q7040aBfK0db5

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_24c59e71e91bb28defa958d0461a1e1e
- Size
  
  180KB
- MD5
  
  24c59e71e91bb28defa958d0461a1e1e
- SHA1
  
  84bea40928f1036598fd7d1f102951e6b36a9424
- SHA256
  
  65b2a71e8172d5d4e07102152c69eede97d2ceb1da8c00b83af53a037eb41bea
- SHA512
  
  3239aab1150504a14a69d586b45718182f61904c8ab06167112d3d86db4c0ac4db5ec7d729c0a71359c5374de724b2471fb346861f9b9f62164810ecbcf522a1
- SSDEEP
  
  3072:TBp0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5Sea:TBp0bG6q7040aBfK0db5
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader