General

  • Target

    ApFhLhTicsyXRYxkkklgbtq.bin

  • Size

    512KB

  • Sample

    220626-f1d9tagehk

  • MD5

    1eb320594f3068a85f3f207d46917950

  • SHA1

    d10ca727d9113e25db4f26ae616af68ca9d2fc25

  • SHA256

    7319faf4a324a7aec6b898b06f822b59f24a2c702929a146908829c5ddccfe83

  • SHA512

    ceb958e62039725b1a47bf07fcc65ffe37024a975515acffe2b022998e3531facf452147da61dd33d3c76bd63b1ce0b3da399e511336a05a11963e1083c13850

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain
rc4.plain

Targets

    • Target

      ApFhLhTicsyXRYxkkklgbtq.bin

    • Size

      512KB

    • MD5

      1eb320594f3068a85f3f207d46917950

    • SHA1

      d10ca727d9113e25db4f26ae616af68ca9d2fc25

    • SHA256

      7319faf4a324a7aec6b898b06f822b59f24a2c702929a146908829c5ddccfe83

    • SHA512

      ceb958e62039725b1a47bf07fcc65ffe37024a975515acffe2b022998e3531facf452147da61dd33d3c76bd63b1ce0b3da399e511336a05a11963e1083c13850

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks