General

  • Target

    afc549e1236be7391c99c2d5e67e300d

  • Size

    188KB

  • Sample

    240229-3p67safg9y

  • MD5

    afc549e1236be7391c99c2d5e67e300d

  • SHA1

    c3d0bd40de1b927e692bc68c60549eb22a8d6960

  • SHA256

    c7c577f1c80b1c36fde4b45e8e3c45ae4a3660f19a8f76bc26f2cda724e793be

  • SHA512

    222520507740aa45f239f6a5c0262dd7fa29046899eb873311b183b20dc946f50b2b36c366bd0702a991fd5c12398ee0228653098697f10067fd6e5be4d0a0ff

  • SSDEEP

    3072:jA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo9o:jzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain
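The extracted configuration above is the most directly actionable part of the report: three C2 endpoints tied to botnet ID 22201, plus the file hashes in the General section. The script below, an added example that is not part of the sandbox report, turns those values into hunting indicators: it verifies whether a file on disk is this exact sample, matches connection records against the C2 list (treating an exact ip:port hit as strong and a bare-IP hit on another port as weaker, since loader nodes change ports), and emits Suricata rules for the C2 pairs. The connection-log format, the sample log lines and the rule SIDs are constructed for the example; only the hashes, botnet ID and C2 addresses come from the report.

```python
"""Hunting helpers built from the Dridex config in the report.

Added example; not the sandbox's own code. The hashes, botnet ID and C2
endpoints are copied from the report. Everything else (log format, sample
log lines, SID range) is an assumption made for the example.
"""
import hashlib
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Values copied from the report's "General" and "Malware Config" sections.
FAMILY = "dridex"
BOTNET = "22201"
C2_ENDPOINTS = {
    ("103.82.248.59", 443),
    ("54.39.98.141", 6602),
    ("103.109.247.8", 10443),
}
KNOWN_HASHES = {
    "md5": "afc549e1236be7391c99c2d5e67e300d",
    "sha1": "c3d0bd40de1b927e692bc68c60549eb22a8d6960",
    "sha256": "c7c577f1c80b1c36fde4b45e8e3c45ae4a3660f19a8f76bc26f2cda724e793be",
}

# Constructed connection records in a minimal "src dst dport" format
# (assumed for the example; adapt parse_conn_line() to Zeek/NetFlow/etc.).
SAMPLE_CONN_LOG = [
    "10.0.0.5 103.82.248.59 443",     # exact C2 ip:port
    "10.0.0.5 8.8.8.8 53",            # benign
    "10.0.0.7 54.39.98.141 6602",     # exact C2 ip:port
    "10.0.0.9 103.109.247.8 443",     # C2 host, port not in the config
    "malformed line",                 # must be skipped, not crash the hunt
]


@dataclass(frozen=True)
class Hit:
    src: str
    dst: str
    dport: int
    reason: str


def hash_matches(data: bytes) -> dict:
    """Compare a file's digests with the report's. Returns {algo: bool}."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest
        for algo, digest in KNOWN_HASHES.items()
    }


def parse_conn_line(line: str) -> Optional[Tuple[str, str, int]]:
    """Parse one 'src dst dport' record; None for anything malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    src, dst, dport = parts
    try:
        ipaddress.ip_address(src)
        ipaddress.ip_address(dst)
        return src, dst, int(dport)
    except ValueError:
        return None


def hunt(lines: Iterable[str]) -> List[Hit]:
    """Flag records that reach a configured C2 endpoint.

    Exact ip:port matches are the strong signal; a C2 IP on another port is
    reported separately because it is a weaker indicator (design choice for
    the example, not something the report states).
    """
    c2_ips = {ip for ip, _ in C2_ENDPOINTS}
    hits: List[Hit] = []
    for line in lines:
        rec = parse_conn_line(line)
        if rec is None:
            continue
        src, dst, dport = rec
        if (dst, dport) in C2_ENDPOINTS:
            hits.append(Hit(src, dst, dport, "exact C2 ip:port"))
        elif dst in c2_ips:
            hits.append(Hit(src, dst, dport, "C2 ip, non-listed port"))
    return hits


def to_suricata_rules(base_sid: int = 1000001) -> List[str]:
    """One alert rule per C2 endpoint; SIDs are placeholders for the example."""
    rules = []
    for i, (ip, port) in enumerate(sorted(C2_ENDPOINTS)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{FAMILY} botnet {BOTNET} C2 {ip}:{port}"; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in hunt(SAMPLE_CONN_LOG):
        print(f"{hit.src} -> {hit.dst}:{hit.dport}  [{hit.reason}]")
    print("\n".join(to_suricata_rules()))
    print(hash_matches(b"not the sample"))
```

To check a suspect file, pass its bytes to hash_matches(); any True value means it is this exact sample, while all False only means it is not byte-identical (a repacked Dridex loader will not match, which is why the SSDEEP value in the report is the better comparison for near-duplicates).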

Targets

    • Target

      afc549e1236be7391c99c2d5e67e300d

    • Size

      188KB

    • MD5

      afc549e1236be7391c99c2d5e67e300d

    • SHA1

      c3d0bd40de1b927e692bc68c60549eb22a8d6960

    • SHA256

      c7c577f1c80b1c36fde4b45e8e3c45ae4a3660f19a8f76bc26f2cda724e793be

    • SHA512

      222520507740aa45f239f6a5c0262dd7fa29046899eb873311b183b20dc946f50b2b36c366bd0702a991fd5c12398ee0228653098697f10067fd6e5be4d0a0ff

    • SSDEEP

      3072:jA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo9o:jzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks