General

  • Target

    56a9028cd894a48cd34db924d153bf2c65895a5793c187c2a9b7a91f3f5f63cf

  • Size

    188KB

  • Sample

    221128-1at8kaff32

  • MD5

    37624a0f4ba60f83bf611aa074eea8f9

  • SHA1

    80fc7c06ceaf9000bda442a3ec0c6492927f0376

  • SHA256

    56a9028cd894a48cd34db924d153bf2c65895a5793c187c2a9b7a91f3f5f63cf

  • SHA512

    23bad113212688d6f81310a1a0b522e1b8bd23df22e00df279296b136546e14ef47a6008fff82a5848f061b89d2e8ff268ad4b9e48bcaef21b75b6341e0b1180

  • SSDEEP

    3072:FWa3N1eqJ7cNe58per6JpynepWHVD9qMe402JYIUk9H8Iz83SWY9klSC:jxwO/Spynep6VDcMeQeIUk9cI6g5

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

134.209.182.12:443

188.40.100.254:4664

103.109.247.9:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
