General

  • Target

    b3cb5fd5c150718fe0af79e3c3052c5b

  • Size

    188KB

  • Sample

    240305-e7rcaafb93

  • MD5

    b3cb5fd5c150718fe0af79e3c3052c5b

  • SHA1

    65295afebbc75ec3d4974bf0842fbda0d3933aa3

  • SHA256

    68ce7b756c02b82a02eb29329acf9258359e7b69c0daa32c2e9111b404054413

  • SHA512

    1a22a10b3a987004a26f451fc991fd7945dcb80454b11f648dbab8b9d3085045daa362ac58617b9b2939bb97db7cc7435c64f3accd2b36e07542039eb6466fd6

  • SSDEEP

    3072:AA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo/o:AzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      b3cb5fd5c150718fe0af79e3c3052c5b

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks