General

  • Target

    afcd46d044e95c87dad7b207ba993281

  • Size

    188KB

  • Sample

    240229-31ypsagb3y

  • MD5

    afcd46d044e95c87dad7b207ba993281

  • SHA1

    c5e8e128938f53b3d57f80865b963e5f20a17ca5

  • SHA256

    191d9face547b7475691c243cffbb00ef30da3cbc16b34f045886128c5892f0a

  • SHA512

    df5a7ee69053d602643f4a0cc93d9a618f084d2a2831730b8c12ee735a2bd59c08bf8240f921114887cf19bc3b33ab275bdcf3fd1eea37ef41007ecddb45a7df

  • SSDEEP

    3072:BA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoHo:BzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

MITRE ATT&CK Matrix

Tasks