General

  • Target

    ad9108c8b8792ff4564da86b38432f20

  • Size

    188KB

  • Sample

    240229-dy5mwacb9y

  • MD5

    ad9108c8b8792ff4564da86b38432f20

  • SHA1

    554bcc4f48d4e80904ba960675aaa42117bb2e70

  • SHA256

    95905de212fc97bcb0293fb6025138980f9b0df75b3255e7cee0eed219f0a279

  • SHA512

    9f6b563334b4afec4d6ef48d3df08236ef06a28b3213b0d3c0d627b7c5190a3e9ede6480f48459ca3ab35405a54cb7deadae75200a39df9e600b347d1a12e5df

  • SSDEEP

    3072:lA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoro:lzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • Cryptographic key

    rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks