General

  • Target

    b597f45fb07b85b2dcd3a3b35c528033

  • Size

    188KB

  • Sample

    240305-zbkj3shf36

  • MD5

    b597f45fb07b85b2dcd3a3b35c528033

  • SHA1

    ceb929fd1929d56853d58b08f86d763eb679d981

  • SHA256

    7a776d8aa45572c8b3c7f218e34cf8ca9f40d66c8b1ebcf52ad09040eab61c9f

  • SHA512

    29f9ff81c6e8033e137475a83249d78911a74de490f4d05d0e87717efb55c9ad74553b0e87c9c588153be3b5513ac4dee09a51ea3a13ebb281cc1bf033926620

  • SSDEEP

    3072:lA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAooo:lzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      b597f45fb07b85b2dcd3a3b35c528033

    • Size

      188KB

    • MD5

      b597f45fb07b85b2dcd3a3b35c528033

    • SHA1

      ceb929fd1929d56853d58b08f86d763eb679d981

    • SHA256

      7a776d8aa45572c8b3c7f218e34cf8ca9f40d66c8b1ebcf52ad09040eab61c9f

    • SHA512

      29f9ff81c6e8033e137475a83249d78911a74de490f4d05d0e87717efb55c9ad74553b0e87c9c588153be3b5513ac4dee09a51ea3a13ebb281cc1bf033926620

    • SSDEEP

      3072:lA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAooo:lzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks