General

  • Target

    ac4e67e5f769bee52cc82cc75ba93e5b

  • Size

    188KB

  • Sample

    240228-tp941aga3w

  • MD5

    ac4e67e5f769bee52cc82cc75ba93e5b

  • SHA1

    dca3a79e3c18c5cc0949c77663122e3349e329a2

  • SHA256

    7756f5d9312daaac8067e8ce0a54d8033bb311bd1a8137445a8ba2cf1b75cd8a

  • SHA512

    a5a8020d3885c1fae3af20605ad60013733d22fc60387466cfb9265a6b0f1c64cc965219ae341bee43477c0f49ce7c32b1cb36188ca6e4ecba01d17ecc89828f

  • SSDEEP

    3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoPo:pzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      ac4e67e5f769bee52cc82cc75ba93e5b

    • Size

      188KB

    • MD5

      ac4e67e5f769bee52cc82cc75ba93e5b

    • SHA1

      dca3a79e3c18c5cc0949c77663122e3349e329a2

    • SHA256

      7756f5d9312daaac8067e8ce0a54d8033bb311bd1a8137445a8ba2cf1b75cd8a

    • SHA512

      a5a8020d3885c1fae3af20605ad60013733d22fc60387466cfb9265a6b0f1c64cc965219ae341bee43477c0f49ce7c32b1cb36188ca6e4ecba01d17ecc89828f

    • SSDEEP

      3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoPo:pzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks