General

  • Target

    b5a761c473bd2c4f816ef518b44a559e

  • Size

    175KB

  • Sample

    240305-zw13kahc81

  • MD5

    b5a761c473bd2c4f816ef518b44a559e

  • SHA1

    88d412e9a90eb8bfa2c99eea9b31a4c68e3d5851

  • SHA256

    f41f8a10bb34e70b9b6299b97008a996c11ea663546aa491dac882a63038ec3c

  • SHA512

    6b5504cbbc01fd46d002afed206a586f6676ed9d6efcd211e87876c0abd449e7a310b0d591717413e0ab8167fcf091aab14201d916f061c210b8c0d4dd6985cb

  • SSDEEP

    3072:RCVOe6ths2hyT0DzJfN3ZKU3YkmN5Sw4Q2kUl59Pn90bAAW0f3:RCVOem/DzJhok45X4HPCb

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

46.55.222.10:443

104.248.178.90:4664

173.212.243.155:7002

rc4.plain

Targets

    • Target

      b5a761c473bd2c4f816ef518b44a559e

    • Size

      175KB

    • MD5

      b5a761c473bd2c4f816ef518b44a559e

    • SHA1

      88d412e9a90eb8bfa2c99eea9b31a4c68e3d5851

    • SHA256

      f41f8a10bb34e70b9b6299b97008a996c11ea663546aa491dac882a63038ec3c

    • SHA512

      6b5504cbbc01fd46d002afed206a586f6676ed9d6efcd211e87876c0abd449e7a310b0d591717413e0ab8167fcf091aab14201d916f061c210b8c0d4dd6985cb

    • SSDEEP

      3072:RCVOe6ths2hyT0DzJfN3ZKU3YkmN5Sw4Q2kUl59Pn90bAAW0f3:RCVOem/DzJhok45X4HPCb

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks