General

  • Target

    b674666c0650a36ff088023a51403813

  • Size

    184KB

  • Sample

    240306-ej877aaf2s

  • MD5

    b674666c0650a36ff088023a51403813

  • SHA1

    3e7a79f68226f0c0f07f76309d1862dfc9cbd4ca

  • SHA256

    b012a9fadfd738a15b7e9320105a7b65c93c73f5a226b982af69e86c387a2894

  • SHA512

    71c63583565b1070e357b87b087d9bd3f2a47f9b8b58003de1dd19535c2aac88d30246081f1f0fdc82f378d9a869588620485fc4aefaa2b3c3b83fdb3bac9313

  • SSDEEP

    3072:mhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JRVQcY:m3fOeIv54W6SFKfc9me9v9/JRV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain

Targets

    • Target

      b674666c0650a36ff088023a51403813

    • Size

      184KB

    • MD5

      b674666c0650a36ff088023a51403813

    • SHA1

      3e7a79f68226f0c0f07f76309d1862dfc9cbd4ca

    • SHA256

      b012a9fadfd738a15b7e9320105a7b65c93c73f5a226b982af69e86c387a2894

    • SHA512

      71c63583565b1070e357b87b087d9bd3f2a47f9b8b58003de1dd19535c2aac88d30246081f1f0fdc82f378d9a869588620485fc4aefaa2b3c3b83fdb3bac9313

    • SSDEEP

      3072:mhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JRVQcY:m3fOeIv54W6SFKfc9me9v9/JRV

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks