General

  • Target

    49fa567500da9abeaeeffbd2f3f461d58a966e677a412ab7cea9fac06a36c27f.exe

  • Size

    180KB

  • Sample

    241124-hmc6psvlhr

  • MD5

    60b0c64409b459f28f25902738c88647

  • SHA1

    c0dbe516be69de813a478217eabb67d83651d568

  • SHA256

    49fa567500da9abeaeeffbd2f3f461d58a966e677a412ab7cea9fac06a36c27f

  • SHA512

    1fbb5c88de9f04afbd75a4d9bb6a5f2385e6fb921aa09906692476f67ee730f0602dc8cc426b851ad5b6fdb30701b5e1c777f43b24a5a5b1f794cca716c59d71

  • SSDEEP

    3072:GFp0m9FOGDv64TOvqdjR91E404PUW6bKHJZK0Bzb5sea3:GFp0bG6q7040aBfK0db5E

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Enterprise v15

Tasks