General

  • Target

    b502efec91cdb0875c6a42cfad1747b9

  • Size

    188KB

  • Sample

    240305-sme1eahg3y

  • MD5

    b502efec91cdb0875c6a42cfad1747b9

  • SHA1

    a84ee6cf6a03b38874adcaa1052d4a3c5a5fc161

  • SHA256

    a5e041df58914ebebef3955b3e7b712728d61840aef3dc8708a8b1e82f756074

  • SHA512

    9a17775bffee1281bc2aa990570bf5b6a366d44dfe3e70959b9ed08074ca7f18f4f20ee9dcdda78a2ba36b42c43fd16ccb21d8fb727099042a7d50551d08b8c0

  • SSDEEP

    3072:HA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoVo:HzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks