General

  • Target

    b5ae506aea0ba764d97e15bdfada9cfe

  • Size

    188KB

  • Sample

    240305-z5p2nahf3z

  • MD5

    b5ae506aea0ba764d97e15bdfada9cfe

  • SHA1

    66e0d6aaa752ce693158764f9a5b54d411f247f0

  • SHA256

    9ee2cfb0db6009b4e6ffc8eac8e291e5c839f0cba7c2788e18291c90f225cac8

  • SHA512

    f19475af8764d70ae55c81954502bcfc528c955ee0067c7605bb9bf2c48e3e83059c3e43058b1ab370c2750c3eaabd5b882962f60bb5bd6911f19bd3ab5f6896

  • SSDEEP

    3072:wA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoQo:wzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

Targets

    • Target

      b5ae506aea0ba764d97e15bdfada9cfe

    • Size

      188KB

    • MD5

      b5ae506aea0ba764d97e15bdfada9cfe

    • SHA1

      66e0d6aaa752ce693158764f9a5b54d411f247f0

    • SHA256

      9ee2cfb0db6009b4e6ffc8eac8e291e5c839f0cba7c2788e18291c90f225cac8

    • SHA512

      f19475af8764d70ae55c81954502bcfc528c955ee0067c7605bb9bf2c48e3e83059c3e43058b1ab370c2750c3eaabd5b882962f60bb5bd6911f19bd3ab5f6896

    • SSDEEP

      3072:wA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoQo:wzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks