General

  • Target

    ac83273f46ff18df1726c99d567f300f

  • Size

    188KB

  • Sample

    240228-wn6rasad69

  • MD5

    ac83273f46ff18df1726c99d567f300f

  • SHA1

    8a1543bb467b52a9d0f4d72f7d350e28d2c3ee52

  • SHA256

    5e6ade33e4f40b265486162b042e3ee9860e31290324cfaa43ea847846d432a6

  • SHA512

    9bb1ebe2f16d4c84f3079dc5c768b3a28e46705ee8519933ed619820485e913ad3d23f7ad7b9f177b806197a89a3bfb3d63bfcfc718f4458a0fb9880f012ef63

  • SSDEEP

    3072:IA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAomo:IzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

  • rc4.plain

Targets

    • Target

      ac83273f46ff18df1726c99d567f300f

    • Size

      188KB

    • MD5

      ac83273f46ff18df1726c99d567f300f

    • SHA1

      8a1543bb467b52a9d0f4d72f7d350e28d2c3ee52

    • SHA256

      5e6ade33e4f40b265486162b042e3ee9860e31290324cfaa43ea847846d432a6

    • SHA512

      9bb1ebe2f16d4c84f3079dc5c768b3a28e46705ee8519933ed619820485e913ad3d23f7ad7b9f177b806197a89a3bfb3d63bfcfc718f4458a0fb9880f012ef63

    • SSDEEP

      3072:IA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAomo:IzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks