General

  • Target

    afaa40b79f9b294d2069042d27c9ef59

  • Size

    188KB

  • Sample

    240229-2qznnaef8w

  • MD5

    afaa40b79f9b294d2069042d27c9ef59

  • SHA1

    91b403bc8ebf19456f8c36651c3121b246270aef

  • SHA256

    3092bd3e7e6903a4d15ee91d800fd0dcc06c06018b6ae7e9377671195afbdd02

  • SHA512

    ee620bfc43db252b098bf4bc59614e4c03f529ad137ccec55306fdfd4bc199831accd58825777dae80ba662514f86d8efb30dc8ea0b96118bf505182318b77e2

  • SSDEEP

    3072:EJH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW07dU:EJUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain
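One way to operationalize the extracted C2 list above (added example, not part of the sandbox report or of any Triage tooling): parse the ip:port entries, emit one Suricata rule per endpoint, and run the same set over connection-log lines. The config values are copied from this page; the flow lines are constructed sample data, and the SID range is an assumption.

```python
"""Turn the extracted Dridex C2 list into detection content.

Added example, not part of the sandbox report. The family, botnet and
C2 values are copied from the report above; the flow log lines are
constructed sample data; the SID range is an assumption (9000000+ is
treated as a free local range).
"""
import ipaddress
from dataclasses import dataclass

# Values from the extracted config on this page.
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": [
        "103.82.248.59:443",
        "54.39.98.141:6602",
        "103.109.247.8:10443",
    ],
}


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_c2(entries):
    """Parse 'ip:port' strings. Reject malformed entries instead of
    silently producing a rule that can never match."""
    out = []
    for e in entries:
        host, _, port = e.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on junk
        p = int(port)
        if not 0 < p < 65536:
            raise ValueError(f"bad port in {e!r}")
        out.append(C2(str(ip), p))
    return out


def suricata_rules(c2_list, botnet, sid_base=9000000):
    """One rule per C2 endpoint, matching the exact ip:port pair.
    Matching the IP alone or the port alone (443 is shared with all
    legitimate HTTPS) would be far noisier; widen deliberately if the
    extracted ports are known to rotate."""
    rules = []
    for i, c in enumerate(c2_list):
        rules.append(
            f'alert tcp $HOME_NET any -> {c.ip} {c.port} '
            f'(msg:"Dridex botnet {botnet} C2 connection"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


def match_flows(flow_lines, c2_list):
    """Check whitespace-separated 'ts src sport dst dport' lines against
    the C2 set. Returns the matching (ts, src, C2) tuples."""
    wanted = {(c.ip, c.port): c for c in c2_list}
    hits = []
    for line in flow_lines:
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, _sport, dst, dport = line.split()[:5]
        hit = wanted.get((dst, int(dport)))
        if hit:
            hits.append((ts, src, hit))
    return hits


# Constructed sample flows: two to report C2s, one benign HTTPS, and one
# to a C2 IP on a port the config does not list (should not alert).
SAMPLE_FLOWS = """\
# ts src sport dst dport
1709164800.1 10.0.0.21 51002 103.82.248.59 443
1709164801.7 10.0.0.21 51003 93.184.216.34 443
1709164805.0 10.0.0.37 49211 54.39.98.141 6602
1709164809.3 10.0.0.37 49212 103.109.247.8 443
""".splitlines()

if __name__ == "__main__":
    c2 = parse_c2(EXTRACTED_CONFIG["c2"])
    for rule in suricata_rules(c2, EXTRACTED_CONFIG["botnet"]):
        print(rule)
    for ts, src, hit in match_flows(SAMPLE_FLOWS, c2):
        print(f"{ts} {src} -> {hit.ip}:{hit.port}  Dridex C2")
```

The rules key on the exact ip:port pair because two of the three endpoints sit on 443 or a 443-lookalike port; an IP-only rule is a reasonable second tier, but it should carry a lower priority and be reviewed against the hosting range the address belongs to.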

Targets

    • Target

      afaa40b79f9b294d2069042d27c9ef59

    • Size

      188KB

    • MD5

      afaa40b79f9b294d2069042d27c9ef59

    • SHA1

      91b403bc8ebf19456f8c36651c3121b246270aef

    • SHA256

      3092bd3e7e6903a4d15ee91d800fd0dcc06c06018b6ae7e9377671195afbdd02

    • SHA512

      ee620bfc43db252b098bf4bc59614e4c03f529ad137ccec55306fdfd4bc199831accd58825777dae80ba662514f86d8efb30dc8ea0b96118bf505182318b77e2

    • SSDEEP

      3072:EJH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW07dU:EJUua/Pv7YNhRIEZDeXVpAxtMsxK

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.
