General

  • Target

    b4f02c7fbc16d032f4f49aeb716dc571

  • Size

    188KB

  • Sample

    240305-rybaxsaa77

  • MD5

    b4f02c7fbc16d032f4f49aeb716dc571

  • SHA1

    93451ecd0a4f3d346ec992db80583107a8c2fcea

  • SHA256

    fac785f63e65f9529848de6692a93c4f0b49673c4dab1956c76288a3848c327c

  • SHA512

    d00b6beb42e7927a5dc3979ba36babfc774ecbba0ed0cea880379af94f2a5d2c325a85a9756a506e90289fb7213bcd003172cb96a6522809bd1c23da6d6d0d80

  • SSDEEP

    3072:XA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoeo:XzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      b4f02c7fbc16d032f4f49aeb716dc571

    • Size

      188KB

    • MD5

      b4f02c7fbc16d032f4f49aeb716dc571

    • SHA1

      93451ecd0a4f3d346ec992db80583107a8c2fcea

    • SHA256

      fac785f63e65f9529848de6692a93c4f0b49673c4dab1956c76288a3848c327c

    • SHA512

      d00b6beb42e7927a5dc3979ba36babfc774ecbba0ed0cea880379af94f2a5d2c325a85a9756a506e90289fb7213bcd003172cb96a6522809bd1c23da6d6d0d80

    • SSDEEP

      3072:XA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoeo:XzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks