General

  • Target

    add24aba9d64f9733a1715944c67c5e1

  • Size

    188KB

  • Sample

    240229-gcwdvsga8x

  • MD5

    add24aba9d64f9733a1715944c67c5e1

  • SHA1

    e43fd2e188935bdda3a60a4f1623784780bba62b

  • SHA256

    ada0ae123d5fbe2452d3351c0d28dd7c556a87ad89ce6b89ad91828c5d081549

  • SHA512

    21055a3f788c494162e722b6304bfea69ad390202dd672e4105f18a49d5319228678f28038c27518d1b8ef378db003789e78db29684eecbae7091f830ca7efc5

  • SSDEEP

    3072:QA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoSo:QzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      add24aba9d64f9733a1715944c67c5e1

    • Size

      188KB

    • MD5

      add24aba9d64f9733a1715944c67c5e1

    • SHA1

      e43fd2e188935bdda3a60a4f1623784780bba62b

    • SHA256

      ada0ae123d5fbe2452d3351c0d28dd7c556a87ad89ce6b89ad91828c5d081549

    • SHA512

      21055a3f788c494162e722b6304bfea69ad390202dd672e4105f18a49d5319228678f28038c27518d1b8ef378db003789e78db29684eecbae7091f830ca7efc5

    • SSDEEP

      3072:QA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoSo:QzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks