General

  • Target

    2320-2-0x0000000002350000-0x0000000002448000-memory.dmp

  • Size

    992KB

  • MD5

    d1c44ef8905b3f35ecd656b83dffb52e

  • SHA1

    c8a5b1fb0b69637c1cc016366e2449ef52d4ad1b

  • SHA256

    f40b26f6ee72d7b85debfdfe79392e95487c6aca9eb850ac5c94e0a94fdadea5

  • SHA512

    347ea66bbd78020f4416ca3464c3187b3216e58189975c3dabcaea15e1ea5e51884fe4a73c5af97a0f8ea37440f13bdc21fe7f18d5ccaddd70af0ff390a81712

  • SSDEEP

    3072:Zyj53IgK8iiPlf5LnFyBcEtZxWeXF7A9JhCSEQHlpiV07Y7HzOyshEVfKEvkgn:4JKU3oj7Atc7qDgvkW

Score
10/10

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

194.225.58.214:443

211.110.44.63:5353

69.164.207.140:3388

198.57.200.100:3786

rc4.plain

Signatures

  • Dridex family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2320-2-0x0000000002350000-0x0000000002448000-memory.dmp
    .dll windows:6 windows x86 arch:x86