General

  • Target

    b64345cd4912384e479e33b8ec204bcd

  • Size

    184KB

  • Sample

    240306-crfjqshf89

  • MD5

    b64345cd4912384e479e33b8ec204bcd

  • SHA1

    51c3922b0a136d4fe5c7406e098562778dc6e631

  • SHA256

    22c652045a21ffd12eec7e6b31fe0d62f8cf6846d572301c1d84652362c77c1a

  • SHA512

    dc79da53698d3f129f164486a5882158cca9f133f4fc091e8b70096a9c1cdb221f01878426679648fd5a4646fa0900c34d93d16b7aa7a3a10e294e4f5360fd38

  • SSDEEP

    3072:Bhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JPVQcY:B3fOeIv54W6SFKfc9me9v9/JPV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain
rc4.plain

Targets

    • Target

      b64345cd4912384e479e33b8ec204bcd

    • Size

      184KB

    • MD5

      b64345cd4912384e479e33b8ec204bcd

    • SHA1

      51c3922b0a136d4fe5c7406e098562778dc6e631

    • SHA256

      22c652045a21ffd12eec7e6b31fe0d62f8cf6846d572301c1d84652362c77c1a

    • SHA512

      dc79da53698d3f129f164486a5882158cca9f133f4fc091e8b70096a9c1cdb221f01878426679648fd5a4646fa0900c34d93d16b7aa7a3a10e294e4f5360fd38

    • SSDEEP

      3072:Bhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JPVQcY:B3fOeIv54W6SFKfc9me9v9/JPV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks