General

  • Target

    ac7ddcc5dea1ff2adef0530f12b3fc63

  • Size

    188KB

  • Sample

    240228-wgv18aac43

  • MD5

    ac7ddcc5dea1ff2adef0530f12b3fc63

  • SHA1

    1161ac4f41ba8a58b6e7be8bfa5229d5170e11b8

  • SHA256

    3d5c376bba1dc76d0230f093b2dff9cc9f19863a69cbcc290e1e9e14b5955cf5

  • SHA512

    e1bfa893f65996ba9c5af22685d4beb49e9e5eb606e33dc9cfc8f20007eda1f016ba1047d7720fe54e0f3d91fcd75909defef71ba3bf22bbfc1784de3cd31e71

  • SSDEEP

    3072:3A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoIo:3zIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

  • rc4.plain
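The extracted config above is the part of this report an analyst acts on: the C2 endpoints go into a blocklist or a hunt over connection logs, and the digests are used to confirm that a file pulled from a host is this sample. The following is an added example, not part of the sandbox report or of any Dridex tooling. It validates the C2 list (a malformed entry raises instead of being silently skipped), matches it against a constructed tab-separated connection log (timestamp, source IP, source port, destination IP, destination port, protocol), reporting exact ip:port hits at high confidence and IP-only hits separately, and recomputes a file's md5/sha1/sha256/sha512 in one pass for comparison with the report (SSDEEP is omitted because it is not in the standard library). The log lines and the 192.0.2.10 address are constructed, not data from the report.

```python
"""Operationalising the indicators in this report: validate the extracted
C2 list, match it against connection logs, and verify a file's digests
against the report's hashes. Added example; not part of the sandbox report
or of any Dridex tooling. The connection log below is constructed."""
import hashlib
import ipaddress
from dataclasses import dataclass

# Indicators copied from the report's "Malware Config / Extracted" section.
FAMILY = "dridex"
BOTNET = "22201"
C2_RAW = ["103.82.248.59:443", "54.39.98.141:6602", "103.109.247.8:10443"]

# Digests copied from the report's "General" section (SSDEEP omitted: not in hashlib).
REPORT_HASHES = {
    "md5": "ac7ddcc5dea1ff2adef0530f12b3fc63",
    "sha1": "1161ac4f41ba8a58b6e7be8bfa5229d5170e11b8",
    "sha256": "3d5c376bba1dc76d0230f093b2dff9cc9f19863a69cbcc290e1e9e14b5955cf5",
    "sha512": "e1bfa893f65996ba9c5af22685d4beb49e9e5eb606e33dc9cfc8f20007eda1f0"
              "16ba1047d7720fe54e0f3d91fcd75909defef71ba3bf22bbfc1784de3cd31e71",
}


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_c2(entries):
    """Turn 'ip:port' strings into validated C2 records.

    A malformed entry raises rather than being skipped, so a typo in a
    blocklist never silently drops an indicator.
    """
    result = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in C2 entry {entry!r}")
        ipaddress.ip_address(host)          # raises ValueError on a bad address
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        result.append(C2(host, port))
    return result


def match_connections(log_lines, c2s):
    """Match tab-separated records (ts, src, sport, dst, dport, proto) against the C2 set.

    An exact ip:port hit is high confidence. A hit on the IP alone is still
    reported, at lower confidence, because a C2 host may listen on more
    than the port captured in one config; the analyst decides what to do with it.
    """
    exact = {(c.ip, c.port) for c in c2s}
    ips = {c.ip for c in c2s}
    hits = []
    for line in log_lines:
        ts, src, _sport, dst, dport, _proto = line.rstrip("\n").split("\t")
        dport = int(dport)
        if (dst, dport) in exact:
            hits.append({"ts": ts, "src": src, "dst": dst, "dport": dport, "confidence": "exact"})
        elif dst in ips:
            hits.append({"ts": ts, "src": src, "dst": dst, "dport": dport, "confidence": "ip-only"})
    return hits


def compute_digests(chunks, names=("md5", "sha1", "sha256", "sha512")):
    """Hash a stream of byte chunks with every algorithm in a single pass."""
    hashers = {name: hashlib.new(name) for name in names}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_file(path, expected=REPORT_HASHES, chunk_size=1 << 20):
    """Return {algorithm: matched?} for a file on disk against the report's digests."""
    with open(path, "rb") as f:
        digests = compute_digests(iter(lambda: f.read(chunk_size), b""), tuple(expected))
    return {name: digests[name] == expected[name].lower() for name in expected}


# Constructed connection log, not data from the report: one exact hit, one
# benign connection (RFC 5737 documentation address), one exact hit, and one
# IP-only hit on a port the config does not list.
SAMPLE_CONN_LOG = [
    "2024-02-28T12:00:01Z\t10.0.0.5\t51234\t103.82.248.59\t443\ttcp",
    "2024-02-28T12:00:03Z\t10.0.0.5\t51235\t192.0.2.10\t443\ttcp",
    "2024-02-28T12:00:09Z\t10.0.0.7\t49801\t54.39.98.141\t6602\ttcp",
    "2024-02-28T12:00:10Z\t10.0.0.7\t49802\t54.39.98.141\t443\ttcp",
]


def triage_sample_log():
    """Run the constructed log through the report's C2 set."""
    return match_connections(SAMPLE_CONN_LOG, parse_c2(C2_RAW))


if __name__ == "__main__":
    for hit in triage_sample_log():
        print(f"{hit['ts']} {hit['src']} -> {hit['dst']}:{hit['dport']} "
              f"({hit['confidence']}, {FAMILY} botnet {BOTNET})")
```

`verify_file("sample.bin")` returns a per-algorithm match map; check that every value is True before treating a file as this sample, since an md5 match alone is weak evidence. The IP-only matches are deliberately kept separate from exact matches so a hunt can alert on the former and block on the latter.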

Targets

    • Target

      ac7ddcc5dea1ff2adef0530f12b3fc63

    • Size

      188KB

    • MD5

      ac7ddcc5dea1ff2adef0530f12b3fc63

    • SHA1

      1161ac4f41ba8a58b6e7be8bfa5229d5170e11b8

    • SHA256

      3d5c376bba1dc76d0230f093b2dff9cc9f19863a69cbcc290e1e9e14b5955cf5

    • SHA512

      e1bfa893f65996ba9c5af22685d4beb49e9e5eb606e33dc9cfc8f20007eda1f016ba1047d7720fe54e0f3d91fcd75909defef71ba3bf22bbfc1784de3cd31e71

    • SSDEEP

      3072:3A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoIo:3zIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.
