General

  • Target

    ada03420ca6ee316628ae79854a8ab62

  • Size

    188KB

  • Sample

    240229-eh934ach67

  • MD5

    ada03420ca6ee316628ae79854a8ab62

  • SHA1

    4773db97b0d533df2e9e00e0d5b7a58d58be11d6

  • SHA256

    f176a808231480caf1e97a7867dde89423390fb712e22882c5a1c98874017da4

  • SHA512

    4a37f8a5a1736aa673990176e2a259aaf1d673d0233002528093384f69ce8d58b3c9b5b39348fffa86e66f5fa902bfa0bb6fe7a127e5e582d87456ee1fd7773c

  • SSDEEP

    3072:IA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAono:IzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      ada03420ca6ee316628ae79854a8ab62

    • Size

      188KB

    • MD5

      ada03420ca6ee316628ae79854a8ab62

    • SHA1

      4773db97b0d533df2e9e00e0d5b7a58d58be11d6

    • SHA256

      f176a808231480caf1e97a7867dde89423390fb712e22882c5a1c98874017da4

    • SHA512

      4a37f8a5a1736aa673990176e2a259aaf1d673d0233002528093384f69ce8d58b3c9b5b39348fffa86e66f5fa902bfa0bb6fe7a127e5e582d87456ee1fd7773c

    • SSDEEP

      3072:IA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAono:IzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

MITRE ATT&CK Matrix

Tasks