General

  • Target

    f18f025d83233323192c121b5f15eae358c26f4597e23afbc794846bd280d11c.exe

  • Size

    180KB

  • Sample

    241123-zay13svmd1

  • MD5

    4dbd09ab8e662fd04f87ff9fc0ec8c67

  • SHA1

    91c7037e07f1e02b9a774f897560223bc7cae6bc

  • SHA256

    f18f025d83233323192c121b5f15eae358c26f4597e23afbc794846bd280d11c

  • SHA512

    fa75e346e588f7cf7c60d9d2efacbed739e57ba337d7eb746e3a7b4ac29c9a5b7dfa678894f3d9e34b2bd620d669f65eb0467608e9fbb50c58d5df1b5ac05404

  • SSDEEP

    3072:qFp0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5jeaF:qFp0bG6q7040aBfK0db51

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain
rc4.plain

Targets

    • Target

      f18f025d83233323192c121b5f15eae358c26f4597e23afbc794846bd280d11c.exe

    • Size

      180KB

    • MD5

      4dbd09ab8e662fd04f87ff9fc0ec8c67

    • SHA1

      91c7037e07f1e02b9a774f897560223bc7cae6bc

    • SHA256

      f18f025d83233323192c121b5f15eae358c26f4597e23afbc794846bd280d11c

    • SHA512

      fa75e346e588f7cf7c60d9d2efacbed739e57ba337d7eb746e3a7b4ac29c9a5b7dfa678894f3d9e34b2bd620d669f65eb0467608e9fbb50c58d5df1b5ac05404

    • SSDEEP

      3072:qFp0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5jeaF:qFp0bG6q7040aBfK0db51

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks