General

  • Target

    05b118452b54c694e51f4e75d6227000188ebc820b1ae0eedd8a478342e763d6

  • Size

    180KB

  • Sample

    240908-pn8gkaybrg

  • MD5

    b9b7f01f8dce7a2b4d237642a4564893

  • SHA1

    4ecd9ccbe936f92eac6943fe0230f02593b28930

  • SHA256

    05b118452b54c694e51f4e75d6227000188ebc820b1ae0eedd8a478342e763d6

  • SHA512

    32f9cea5e8fcf6472e9fcacaf33150cc30009f78c42180b139aa1af9ea3c5cd0b6e9857a30f7d15674aee5d26884e3cb14aca1f26df52ca85c4e303fecaa37be

  • SSDEEP

    3072:M3U+o/fwAUfM8+NmXhjlAZ+SWlxT5H3zipQIoZeErkxUNBG0:YUZYxfM8+YXfq+SOxTxjipQjzk3

Malware Config

Extracted

Family

dridex

Botnet

111

C2

94.126.8.2:443

81.2.235.131:1688

178.63.156.139:3388

rc4.plain
rc4.plain
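The extracted config above is what a defender actually acts on: three C2 endpoints and a botnet ID that can be turned into network detections, plus the sample hashes from the General section that let you confirm a file on disk is this sample. The script below is an added example written for this page; it is not code from the sandbox report or from the Dridex config extractor. The log line format, the Suricata SID range and the sample bytes are constructed assumptions, and the rc4.plain keys are left out because their values are not reproduced on the page.

```python
import hashlib
import ipaddress
import re
from typing import Dict, Iterable, List, Tuple

# Extracted config as reported on this page (family, botnet ID, C2 endpoints).
# The rc4.plain key values are not reproduced on the page, so they are omitted here.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "111",
    "c2": ["94.126.8.2:443", "81.2.235.131:1688", "178.63.156.139:3388"],
}

# Hashes of the analysed sample, copied from the report's General section.
REPORTED_HASHES = {
    "md5": "b9b7f01f8dce7a2b4d237642a4564893",
    "sha1": "4ecd9ccbe936f92eac6943fe0230f02593b28930",
    "sha256": "05b118452b54c694e51f4e75d6227000188ebc820b1ae0eedd8a478342e763d6",
}


def parse_c2(entries: Iterable[str]) -> List[Tuple[str, int]]:
    """Turn 'ip:port' strings into validated (ip, port) tuples."""
    out = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on a malformed address
        port_num = int(port)
        if not 0 < port_num < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append((str(ip), port_num))
    return out


def suricata_rules(config: Dict, base_sid: int = 9000001) -> List[str]:
    """Emit one Suricata-style rule per C2 endpoint (the SID range is an assumption)."""
    rules = []
    for i, (ip, port) in enumerate(parse_c2(config["c2"])):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{config["family"].upper()} botnet {config["botnet"]} C2 contact"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Assumed (constructed) firewall/proxy log format for this example:
# "<timestamp> src=<ip>:<port> dst=<ip>:<port> proto=tcp action=<allow|deny>"
LOG_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst_ip>[0-9a-fA-F.:]+):(?P<dst_port>\d+)")


def find_c2_hits(log_lines: Iterable[str], config: Dict) -> List[Tuple[str, str, int]]:
    """Return (source, dst_ip, dst_port) for every line whose destination is a configured C2.

    Matching is on the exact ip:port pair from the config; widen to IP-only if you
    would rather over-alert than miss a port change.
    """
    c2 = set(parse_c2(config["c2"]))
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        dst = (m.group("dst_ip"), int(m.group("dst_port")))
        if dst in c2:
            hits.append((m.group("src"), dst[0], dst[1]))
    return hits


def verify_sample(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Hash file bytes with each algorithm in `expected` and compare to the reported digests."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest.lower()
        for algo, digest in expected.items()
    }


# Constructed log lines: a hit on the 443 C2, the same IP on a non-C2 port (no hit),
# a denied attempt to the 3388 C2 (still a hit: the host tried), and unrelated traffic.
SAMPLE_LOGS = [
    "2024-09-08T12:00:01Z src=10.0.0.15:51234 dst=94.126.8.2:443 proto=tcp action=allow",
    "2024-09-08T12:00:02Z src=10.0.0.15:51235 dst=94.126.8.2:80 proto=tcp action=allow",
    "2024-09-08T12:00:03Z src=10.0.0.22:51236 dst=178.63.156.139:3388 proto=tcp action=deny",
    "2024-09-08T12:00:04Z src=10.0.0.22:51237 dst=93.184.216.34:443 proto=tcp action=allow",
]

if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
    for src, ip, port in find_c2_hits(SAMPLE_LOGS, DRIDEX_CONFIG):
        print(f"C2 hit: {src} -> {ip}:{port}")
    # verify_sample() wants the real sample bytes; a placeholder shows the result shape.
    print(verify_sample(b"placeholder, not the sample", REPORTED_HASHES))
```

Note that a denied connection is reported as a hit on purpose: the infected host attempting the C2 is the signal, regardless of whether the firewall let it through. Feed `verify_sample()` the bytes of the file you pulled from the endpoint before trusting that it is the same 180KB loader the report describes.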

Targets

    • Target

      05b118452b54c694e51f4e75d6227000188ebc820b1ae0eedd8a478342e763d6

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks