General

  • Target

    ado7ptnc.jpg

  • Size

    476KB

  • Sample

    220626-fzw38sgefr

  • MD5

    c286403d239ce8885a9774ac140cc1d0

  • SHA1

    b4e32fb2ae4870ba77d0026c06d8430ac61c6cc9

  • SHA256

    6a66ea28b464bc274149c4a1f07987eb7f8ff22f8e05e92679661474d98a3253

  • SHA512

    5f93a756fe95a2ce8dbf9bd9d1f7e51b0af0387be7b7b18d4fcafcf9864d674c6f50a2d463b6b4da65685c0766c93d78e1eff715b2c4b7de094d8fcde05c61de

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

23.246.204.126:443

151.106.39.36:8116

103.124.144.123:6891

172.105.78.60:4664

rc4.plain
rc4.plain

Targets

    • Target

      ado7ptnc.jpg

    • Size

      476KB

    • MD5

      c286403d239ce8885a9774ac140cc1d0

    • SHA1

      b4e32fb2ae4870ba77d0026c06d8430ac61c6cc9

    • SHA256

      6a66ea28b464bc274149c4a1f07987eb7f8ff22f8e05e92679661474d98a3253

    • SHA512

      5f93a756fe95a2ce8dbf9bd9d1f7e51b0af0387be7b7b18d4fcafcf9864d674c6f50a2d463b6b4da65685c0766c93d78e1eff715b2c4b7de094d8fcde05c61de

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks