dridex | 1c609f4125bcaf17316ee0820467c262f4fbc594165e42c2f0ef8c58c189b803 | Triage

Submit
Reports

Overview

overview

Static

static

3

455372dbef...18.exe

windows7-x64

455372dbef...18.exe

windows10-2004-x64

Sharing

General

Target

455372dbef40b4fdcefaa5e6aac5325b_JaffaCakes118
Size

156KB
Sample

240515-keklxshc39
MD5

455372dbef40b4fdcefaa5e6aac5325b
SHA1

73784baf7e42691221d68d2ce7358ccf8156427d
SHA256

1c609f4125bcaf17316ee0820467c262f4fbc594165e42c2f0ef8c58c189b803
SHA512

e3833c7c79de2d8c443b044434b1704553ab9493ca4b1271783326098f8951654ba93b93cb7162edde18e77a73790e8f1cb020c6d610c4661950e96c2e8b0b4d
SSDEEP

3072:XKlOD7pXVeQMrCe4/Hn2qnTPDLEj7iXFU6AAqeNPremW0W1DJHtRzLyIVw:XUi7pXkcZ/LTPUqFDqeNPremStR/

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

455372dbef40b4fdcefaa5e6aac5325b_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

455372dbef40b4fdcefaa5e6aac5325b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

dridex

C2

178.250.54.202:443

128.199.136.72:691

81.2.235.155:8443

212.53.140.12:3389

Targets

- Target
  
  455372dbef40b4fdcefaa5e6aac5325b_JaffaCakes118
- Size
  
  156KB
- MD5
  
  455372dbef40b4fdcefaa5e6aac5325b
- SHA1
  
  73784baf7e42691221d68d2ce7358ccf8156427d
- SHA256
  
  1c609f4125bcaf17316ee0820467c262f4fbc594165e42c2f0ef8c58c189b803
- SHA512
  
  e3833c7c79de2d8c443b044434b1704553ab9493ca4b1271783326098f8951654ba93b93cb7162edde18e77a73790e8f1cb020c6d610c4661950e96c2e8b0b4d
- SSDEEP
  
  3072:XKlOD7pXVeQMrCe4/Hn2qnTPDLEj7iXFU6AAqeNPremW0W1DJHtRzLyIVw:XUi7pXkcZ/LTPUqFDqeNPremStR/
Score

10^/10

dridex botnet
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy