General

  • Target

    b4c7dc7b96102f90c4d1b2bf687f9f69

  • Size

    188KB

  • Sample

    240305-qf9kbsge59

  • MD5

    b4c7dc7b96102f90c4d1b2bf687f9f69

  • SHA1

    b7598d9d396fb81a4e7e9f70553c82fc70ce8ee7

  • SHA256

    d42266cb115be3fd00bf9e6781e8f2d249d71eb6a9b575d05efed55c8b61a56d

  • SHA512

    31a7440969226305519a6660631707629509fae3f2fc11b86b7a39d8e666b8fb39f0eb73388142c31a748a2d41181ec2026a00ebb2dfe093c40d297258f15659

  • SSDEEP

    3072:/A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoBo:/zIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

  • rc4.plain
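The extracted config above is only useful once it is turned into something a network sensor or a blocklist can consume. The following is an added example, not code from the report or from any sandbox vendor: it copies the C2 list, botnet ID and file hashes from this page, parses each C2 entry strictly (literal IP plus a valid port), flags endpoints on ports a practitioner would not expect for an HTTPS-looking beacon, emits one Suricata alert rule per endpoint, and checks that the hash table survived copy/paste before it is used for matching. The SID range, the "common TLS ports" set and the non-standard-port heuristic are assumptions, and the rc4.plain key values are left empty because the page does not show them.

```python
"""Turn the extracted Dridex config above into detection artifacts.

Added example, not part of the report. IOC values are copied from the page;
the SID base, the COMMON_TLS_PORTS set and the unusual-port heuristic are
assumptions made here for illustration.
"""
import hashlib
import ipaddress
import re
from dataclasses import dataclass

# Copied from the "Malware Config" section above. The rc4.plain values are
# not shown on the page, so the list stays empty rather than being guessed.
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": ["103.82.248.59:443", "54.39.98.141:6602", "103.109.247.8:10443"],
    "rc4.plain": [],
}

# Copied from the "General" section above.
REPORTED_HASHES = {
    "md5": "b4c7dc7b96102f90c4d1b2bf687f9f69",
    "sha1": "b7598d9d396fb81a4e7e9f70553c82fc70ce8ee7",
    "sha256": "d42266cb115be3fd00bf9e6781e8f2d249d71eb6a9b575d05efed55c8b61a56d",
    "sha512": "31a7440969226305519a6660631707629509fae3f2fc11b86b7a39d8e666b8fb39f0eb73388142c31a748a2d41181ec2026a00ebb2dfe093c40d297258f15659",
}

# Assumption: ports on which a TLS beacon blends in; anything else deserves
# its own hunting query (6602 and 10443 in this config).
COMMON_TLS_PORTS = {443, 8443}


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int

    @property
    def unusual_port(self) -> bool:
        return self.port not in COMMON_TLS_PORTS


def parse_c2(entry: str) -> C2Endpoint:
    """Parse 'ip:port'; reject hostnames, junk and out-of-range ports."""
    host, sep, port_s = entry.rpartition(":")
    if not sep:
        raise ValueError(f"missing port in {entry!r}")
    ip = ipaddress.ip_address(host.strip("[]"))  # ValueError unless a literal IP
    port = int(port_s)
    if not 0 < port < 65536:
        raise ValueError(f"bad port in {entry!r}")
    return C2Endpoint(str(ip), port)


def c2_endpoints(config=EXTRACTED_CONFIG) -> list:
    return [parse_c2(e) for e in config["c2"]]


def suricata_rules(config=EXTRACTED_CONFIG, sid_base: int = 9000001) -> list:
    """One alert per C2 endpoint; the local SID range is an assumption."""
    rules = []
    for i, ep in enumerate(c2_endpoints(config)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ep.ip} {ep.port} '
            f'(msg:"Dridex botnet {config["botnet"]} C2 {ep.ip}:{ep.port}"; '
            f'flow:to_server,established; sid:{sid_base + i}; rev:1;)'
        )
    return rules


_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def hashes_well_formed(table=REPORTED_HASHES) -> bool:
    """Catch truncated or mangled digests before they go into a blocklist."""
    return all(
        re.fullmatch(rf"[0-9a-f]{{{_HEX_LEN[alg]}}}", table.get(alg, "")) is not None
        for alg in _HEX_LEN
    )


def digests(data: bytes) -> dict:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in _HEX_LEN}


def matches_report(data: bytes, table=REPORTED_HASHES) -> bool:
    """True only if every reported digest matches the bytes in hand."""
    return digests(data) == {alg: table[alg] for alg in _HEX_LEN}


if __name__ == "__main__":
    for ep in c2_endpoints():
        flag = " (non-standard port)" if ep.unusual_port else ""
        print(f"{ep.ip}:{ep.port}{flag}")
    print("\n".join(suricata_rules()))
    print("hash table well-formed:", hashes_well_formed())
```

Run it directly to print the endpoint list, the rules and the hash-table check; `matches_report(open(path, "rb").read())` confirms that a file you have in hand is the same 188KB sample the report describes before you rely on its findings.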

Targets

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks