General

  • Target

    8ce6a5484b7bac3edbc4d2dd60ecedf443011f27a35665c9f4973bff741c20e4.exe

  • Size

    180KB

  • Sample

    241121-fg6vqaycla

  • MD5

    d1bfd09192f2272e5b99bcebbc0f7b65

  • SHA1

    96faed641317e78c1edc5be1b7ce108433224826

  • SHA256

    8ce6a5484b7bac3edbc4d2dd60ecedf443011f27a35665c9f4973bff741c20e4

  • SHA512

    3051946b86e620c27efa38b6bd6e539281feaf802e1304f4fa4724df055d112f03cca98cad084af350c68388bb34b25f2349eab35e112dccf0e3cf2f1d69a9bc

  • SSDEEP

    3072:zy9p0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5reav:zy9p0bG6q7040aBfK0db5n

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain
rc4.plain

Targets

    • Target

      8ce6a5484b7bac3edbc4d2dd60ecedf443011f27a35665c9f4973bff741c20e4.exe

    • Size

      180KB

    • MD5

      d1bfd09192f2272e5b99bcebbc0f7b65

    • SHA1

      96faed641317e78c1edc5be1b7ce108433224826

    • SHA256

      8ce6a5484b7bac3edbc4d2dd60ecedf443011f27a35665c9f4973bff741c20e4

    • SHA512

      3051946b86e620c27efa38b6bd6e539281feaf802e1304f4fa4724df055d112f03cca98cad084af350c68388bb34b25f2349eab35e112dccf0e3cf2f1d69a9bc

    • SSDEEP

      3072:zy9p0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5reav:zy9p0bG6q7040aBfK0db5n

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks