General

  • Target

    acdab1e514f063901f3e79ab8dea4a00

  • Size

    188KB

  • Sample

    240228-zxlz2aea32

  • MD5

    acdab1e514f063901f3e79ab8dea4a00

  • SHA1

    e0f5b772b8e24a5017f45c3395d32a9f082031e0

  • SHA256

    2d975c87c5bf3fa071355b0d1e0d6d84094c29fd476439ee8975cad872e5b385

  • SHA512

    e353409c4fed9955622e3b37bc183849821550c48c0cdc732e0177b6387c2f03458a64606272366f48d952c7bffff55fde39f87de17d7ae8c565ad257ce2ea82

  • SSDEEP

    3072:RA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoAo:RzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks