General

  • Target

    b4afdb095a2ad31eb1bf3ce3838d9f45

  • Size

    188KB

  • Sample

    240305-pkth8sfd48

  • MD5

    b4afdb095a2ad31eb1bf3ce3838d9f45

  • SHA1

    724a7a16b13459ff4cd741cbcf2ee8cffc357d46

  • SHA256

    0b137c41d288b50363f5a2067d03ab2ca1b076e07296c62a1e21cb687400ec46

  • SHA512

    a5752b7db7ae53baa06c1258171228e77c0cdfe3429a828a25a00ac32898fc11644387dd862fa5e0ceb033814b4d0faf2ee61e5759d91fc4285bd039fd1f17a6

  • SSDEEP

    3072:qH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW+7dU:qUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain
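The hashes and C2 list above are the actionable part of this report. The following is an added example, not code from the report or from the sandbox that produced it: it transcribes those indicators into a small Python hunting script that (a) computes the same digests for a suspect file and reports which ones match, and (b) scans connection logs for the three C2 endpoints. The log format (`key=value` fields with `dst=IP:PORT`) and the log lines are constructed for this example; adapt `DST_RE` to whatever your firewall or proxy actually emits. Because the first C2 listens on 443, a port alone is meaningless; the script matches on the IP:port pair and flags the IP on any other port as a weaker hit.

```python
import hashlib
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Indicators transcribed from the report above (Dridex, botnet 22201).
SAMPLE_HASHES: Dict[str, str] = {
    "md5": "b4afdb095a2ad31eb1bf3ce3838d9f45",
    "sha1": "724a7a16b13459ff4cd741cbcf2ee8cffc357d46",
    "sha256": "0b137c41d288b50363f5a2067d03ab2ca1b076e07296c62a1e21cb687400ec46",
}
C2_ENDPOINTS = {
    ("103.82.248.59", 443),
    ("54.39.98.141", 6602),
    ("103.109.247.8", 10443),
}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Compute the digests the report lists for an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def digest_file(path: str) -> Dict[str, str]:
    """Same digests for a file on disk, streamed so large samples are fine."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matching_hashes(digests: Dict[str, str]) -> List[str]:
    """Names of the algorithms whose digest equals the report's value."""
    return sorted(n for n, v in SAMPLE_HASHES.items() if digests.get(n, "").lower() == v)


# Assumed log format (constructed for this example): key=value pairs, dst=IP:PORT.
DST_RE = re.compile(r"\bdst=(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def parse_dst(line: str) -> Optional[Tuple[str, int]]:
    m = DST_RE.search(line)
    return (m.group(1), int(m.group(2))) if m else None


def classify(line: str) -> Optional[str]:
    """'c2' for an exact ip:port hit, 'c2-ip' for a listed IP on another port."""
    dst = parse_dst(line)
    if dst is None:
        return None
    if dst in C2_ENDPOINTS:
        return "c2"
    if dst[0] in C2_IPS:
        return "c2-ip"
    return None


def find_c2_hits(lines: Iterable[str]) -> List[Tuple[int, str, str]]:
    """(line number, verdict, line) for every line touching a C2 from the report."""
    hits = []
    for n, line in enumerate(lines, 1):
        verdict = classify(line)
        if verdict:
            hits.append((n, verdict, line.strip()))
    return hits


# Constructed sample log; 203.0.113.10 is an RFC 5737 documentation address.
SAMPLE_LOG = [
    "2024-03-05T15:01:02Z host=WS01 proto=tcp src=10.0.0.5:51234 dst=203.0.113.10:443 action=allow",
    "2024-03-05T15:01:09Z host=WS01 proto=tcp src=10.0.0.5:51240 dst=103.82.248.59:443 action=allow",
    "2024-03-05T15:02:31Z host=WS01 proto=tcp src=10.0.0.5:51251 dst=54.39.98.141:6602 action=deny",
    "2024-03-05T15:03:00Z host=WS07 proto=tcp src=10.0.0.9:49200 dst=103.109.247.8:443 action=allow",
    "2024-03-05T15:03:05Z host=WS07 proto=udp src=10.0.0.9:53012 dst=10.0.0.1:53 action=allow",
]

if __name__ == "__main__":
    for n, verdict, line in find_c2_hits(SAMPLE_LOG):
        print(f"line {n}: {verdict}: {line}")
    # Usage against a real file: matching_hashes(digest_file("suspect.bin"))
```

A deny in the log (line 3 above) is still a hit worth triaging: the host attempted the connection, which means the loader was already running.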

Targets

    • Target

      b4afdb095a2ad31eb1bf3ce3838d9f45

    • Size

      188KB

    • MD5

      b4afdb095a2ad31eb1bf3ce3838d9f45

    • SHA1

      724a7a16b13459ff4cd741cbcf2ee8cffc357d46

    • SHA256

      0b137c41d288b50363f5a2067d03ab2ca1b076e07296c62a1e21cb687400ec46

    • SHA512

      a5752b7db7ae53baa06c1258171228e77c0cdfe3429a828a25a00ac32898fc11644387dd862fa5e0ceb033814b4d0faf2ee61e5759d91fc4285bd039fd1f17a6

    • SSDEEP

      3072:qH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW+7dU:qUua/Pv7YNhRIEZDeXVpAxtMsxK

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects both the x86 and the x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks