General

  • Target

    ad27196fd2008b2c68f8a833d558d50c

  • Size

    184KB

  • Sample

    240228-3nyh9age72

  • MD5

    ad27196fd2008b2c68f8a833d558d50c

  • SHA1

    27d5b66984f76023f5e15727f1e0913ee045ec01

  • SHA256

    71addae1ed0f01cefa9443ee5c532f3aea05db6a03bad969d387d91731043460

  • SHA512

    595ea881f318b14e67de3baa0ebd338300a4ddb1895d8f7712885062eeea0559cf7dcb0225dbedc85f27774f55dfe3603872eb27612588faa0fa22629c29db3f

  • SSDEEP

    3072:Qhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JkVQcY:Q3fOeIv54W6SFKfc9me9v9/JkV

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    51.79.50.122:443
    222.124.142.67:10443
    138.201.222.158:4664

  • rc4.plain

  • rc4.plain
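The rc4.plain entries above are the RC4 keys the config extractor recovered; the report does not show their values. As an added example that is not part of the sandbox report, the block below implements RC4 (key scheduling plus keystream generation), decrypts a config blob with it, parses the result into a botnet ID and C2 list, and tries several candidate keys in turn, which is the situation you are in when a config carries more than one rc4.plain value. The key, the `botnet|ip:port|...` layout and the blob are constructed for illustration; the botnet ID and endpoints inside the plaintext are the report's values.

```python
"""Added example, not part of the sandbox report: RC4 as implied by the
rc4.plain config field, used to recover a C2 list from an encrypted blob.
The key, plaintext layout and blob are constructed for illustration; the
report does not show the sample's real keys or config format."""
import re

IP_PORT_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}:\d{1,5}$")


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (KSA + PRGA). Encryption and decryption are the
    same operation, so rc4(k, rc4(k, m)) == m."""
    if not key:
        raise ValueError("RC4 key must be non-empty")
    # Key-scheduling algorithm: permute S under the key bytes.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm: XOR the data with the keystream.
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def parse_c2_blob(plain: bytes) -> dict:
    """Parse a decrypted config of the constructed form
    'botnet|ip:port|ip:port|...' into a dict; raise ValueError on junk,
    which is what a wrong key produces."""
    try:
        fields = plain.decode("ascii").split("|")
    except UnicodeDecodeError as exc:
        raise ValueError("not ASCII") from exc
    if len(fields) < 2 or not fields[0].isdigit():
        raise ValueError("bad layout")
    c2s = fields[1:]
    if not all(IP_PORT_RE.match(c) for c in c2s):
        raise ValueError("bad endpoint")
    return {"botnet": fields[0], "c2": c2s}


def find_key(blob: bytes, candidates):
    """Try each candidate key (e.g. several rc4.plain values) and return
    the first one whose decryption parses as a config, or None."""
    for key in candidates:
        try:
            parse_c2_blob(rc4(key, blob))
            return key
        except ValueError:
            continue
    return None


# Constructed demo data (assumption, not from the report): the botnet ID
# and C2 endpoints are the report's values, the key and layout are made up.
DEMO_KEY = b"demo-key-not-from-report"
DEMO_PLAIN = b"22201|51.79.50.122:443|222.124.142.67:10443|138.201.222.158:4664"
DEMO_BLOB = rc4(DEMO_KEY, DEMO_PLAIN)

if __name__ == "__main__":
    key = find_key(DEMO_BLOB, [b"wrong-key", DEMO_KEY])
    print("recovered key:", key)
    print(parse_c2_blob(rc4(key, DEMO_BLOB)))
```

The parser doubles as the key oracle: RC4 gives no integrity check, so a wrong key simply yields noise, and the only way to tell keys apart is whether the output has the structure you expect.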

Targets

    • Target

      ad27196fd2008b2c68f8a833d558d50c

    • Size

      184KB

    • MD5

      ad27196fd2008b2c68f8a833d558d50c

    • SHA1

      27d5b66984f76023f5e15727f1e0913ee045ec01

    • SHA256

      71addae1ed0f01cefa9443ee5c532f3aea05db6a03bad969d387d91731043460

    • SHA512

      595ea881f318b14e67de3baa0ebd338300a4ddb1895d8f7712885062eeea0559cf7dcb0225dbedc85f27774f55dfe3603872eb27612588faa0fa22629c29db3f

    • SSDEEP

      3072:Qhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JkVQcY:Q3fOeIv54W6SFKfc9me9v9/JkV

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials. The extracted config above ties this sample to botnet 22201 and to three C2 endpoints.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.
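The in-memory signature above catches the loader on the host; the extracted C2 list lets you detect the same sample on the wire. As an added example that is not part of the sandbox report, the block below turns the three endpoints into Suricata alerts and runs an IOC match over constructed netflow-style log lines, treating an exact ip:port match as high confidence and traffic to a listed host on another port as medium confidence. The endpoints and botnet ID are the report's; the log lines, field names and SID range are assumptions.

```python
"""Added example, not part of the sandbox report: turn the report's C2 list
into detection content and run it over constructed log lines. The three
endpoints and botnet ID are the report's; the log lines, field names and
Suricata SID range are assumptions for illustration."""
import re
from dataclasses import dataclass

FAMILY = "dridex"
BOTNET = "22201"
# C2 endpoints from the report's extracted config.
C2_ENDPOINTS = [
    ("51.79.50.122", 443),
    ("222.124.142.67", 10443),
    ("138.201.222.158", 4664),
]

# Constructed netflow-style lines (not from the report).
SAMPLE_LOG = """\
ts=2024-02-28T03:41:10Z src=10.0.5.23 dst=51.79.50.122 dport=443 proto=tcp
ts=2024-02-28T03:41:12Z src=10.0.5.23 dst=142.250.72.14 dport=443 proto=tcp
ts=2024-02-28T03:41:40Z src=10.0.5.23 dst=222.124.142.67 dport=10443 proto=tcp
ts=2024-02-28T03:42:05Z src=10.0.7.9 dst=138.201.222.158 dport=80 proto=tcp
ts=2024-02-28T03:42:30Z src=10.0.7.9 dst=138.201.222.158 dport=4664 proto=tcp
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


@dataclass
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    confidence: str  # "high" = ip:port match, "medium" = listed host, other port


def parse_line(line: str) -> dict:
    """Split a key=value log line into a dict."""
    return dict(KV_RE.findall(line))


def match_c2(lines, endpoints=C2_ENDPOINTS):
    """Flag flows to a listed C2. An exact ip:port match is high confidence;
    traffic to a listed host on another port is still a medium-confidence
    hit, since the same infrastructure may serve other ports."""
    exact = {(ip, port) for ip, port in endpoints}
    hosts = {ip for ip, _ in endpoints}
    hits = []
    for line in lines:
        rec = parse_line(line)
        if not all(k in rec for k in ("ts", "src", "dst", "dport")):
            continue  # malformed or truncated line, skip it
        dport = int(rec["dport"])
        if (rec["dst"], dport) in exact:
            conf = "high"
        elif rec["dst"] in hosts:
            conf = "medium"
        else:
            continue
        hits.append(Hit(rec["ts"], rec["src"], rec["dst"], dport, conf))
    return hits


def suricata_rules(endpoints=C2_ENDPOINTS, sid_base=9000001):
    """One alert per endpoint. The SID base is an assumption; choose one
    that does not collide with your existing rulesets."""
    rules = []
    for n, (ip, port) in enumerate(endpoints):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{FAMILY} botnet {BOTNET} C2 {ip}:{port}"; '
            f'flow:to_server; sid:{sid_base + n}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for h in match_c2(SAMPLE_LOG.splitlines()):
        print(f"{h.confidence:6} {h.ts} {h.src} -> {h.dst}:{h.dport}")
    print("\n".join(suricata_rules()))
```

Port-based rules are enough here because the C2 on 443 is TLS and there is no payload to inspect; the non-standard ports 10443 and 4664 are the more distinctive indicators, and a listed host seen on any other port is worth a look rather than a discard.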
