yqsc2kqmgif

General

Target: yqsc2kqmgif
Size: 176KB
Sample: 201112-3n1lwad24a
Score: 10/10
MD5: f0a0d2f0d368a07171e5a3b74cb365c5
SHA1: 27e722207cdd804675b9555d9fa1767733f4fa61
SHA256: 7a91d43923b23b640842519263ff8dc2eb0f411f2f1688727db5c7dfacbab7be
SHA512: abe42dc28a6a0c112cfdab36bb51da9215abab6ec4df54a4b31da3ce84eff90f70d9e618a787bead65038eb394ba762207d2ddc1b28e6f2d48428f0c289e8b62
Malware Config

Extracted

Family: dridex
Botnet: 10444
C2:
  77.220.64.39:443
  69.164.207.140:3388
  78.47.139.43:4443
  103.244.206.74:33443
rc4.plain
rc4.plain
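The extracted config is the part of this report a defender can act on: four C2 endpoints, three of them on ports other than 443 that an egress rule keyed on port alone would not catch, plus the sample's hashes. The Python below is an added example, not code from the sandbox vendor or from the report, that parses the C2 list exactly as printed above, sweeps a proxy/firewall export for connections to that infrastructure, and checks a file or a reported digest against the hashes. The log line format and the log lines themselves are constructed for the demonstration; adapt the regex to the real export.

```python
"""Turn the Dridex config extracted on this page into reusable IOC checks.

Added example (not sandbox or report code). Hashes and C2 endpoints are
copied from the report; the log format and log lines are constructed.
"""
import hashlib
import ipaddress
import re

# Hashes of the sample, copied from the report above.
KNOWN_HASHES = {
    "md5": "f0a0d2f0d368a07171e5a3b74cb365c5",
    "sha1": "27e722207cdd804675b9555d9fa1767733f4fa61",
    "sha256": "7a91d43923b23b640842519263ff8dc2eb0f411f2f1688727db5c7dfacbab7be",
    "sha512": "abe42dc28a6a0c112cfdab36bb51da9215abab6ec4df54a4b31da3ce84eff90f"
              "70d9e618a787bead65038eb394ba762207d2ddc1b28e6f2d48428f0c289e8b62",
}

# C2 list exactly as the report prints it ("ip:port").
C2_RAW = ["77.220.64.39:443", "69.164.207.140:3388",
          "78.47.139.43:4443", "103.244.206.74:33443"]


def parse_endpoint(text):
    """Parse 'ip:port' into (ip_str, port), rejecting malformed entries."""
    host, sep, port = text.strip().rpartition(":")
    if not sep:
        raise ValueError(f"no port in {text!r}")
    ip = ipaddress.ip_address(host)        # raises ValueError on a bad address
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"bad port in {text!r}")
    return str(ip), port


C2_ENDPOINTS = {parse_endpoint(e) for e in C2_RAW}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}

# Constructed export shape: "<ts> <src_ip> <dst_ip>:<dst_port> <action>".
# This format is an assumption; change LOG_RE to match your real logs.
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+)\s+(?P<dst>[\d.]+):(?P<port>\d+)\s+(?P<action>\S+)$"
)
SAMPLE_LOG = """\
2020-11-12T14:01:03Z 10.0.0.23 203.0.113.10:443 ALLOW
2020-11-12T14:01:07Z 10.0.0.23 69.164.207.140:3388 ALLOW
2020-11-12T14:01:09Z 10.0.0.41 78.47.139.43:4443 DENY
2020-11-12T14:01:10Z 10.0.0.23 77.220.64.39:80 ALLOW
not a log line
"""


def find_c2_hits(log_text):
    """Return one dict per connection to a known C2 address.

    A known C2 address contacted on a port the config does not list is
    still reported (port_match=False): the infrastructure is the indicator,
    not the port number.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                       # skip lines that do not parse
        dst, port = m["dst"], int(m["port"])
        if dst not in C2_IPS:
            continue
        hits.append({
            "ts": m["ts"],
            "src": m["src"],
            "dst": dst,
            "port": port,
            "action": m["action"],
            "port_match": (dst, port) in C2_ENDPOINTS,
        })
    return hits


def classify_hash(digest):
    """Return which known digest of the sample this string equals, or None."""
    d = digest.strip().lower()
    for algo, known in KNOWN_HASHES.items():
        if d == known:
            return algo
    return None


def hash_matches(data):
    """Hash file bytes with every algorithm in the report; list the matches."""
    return [algo for algo, known in KNOWN_HASHES.items()
            if hashlib.new(algo, data).hexdigest() == known]


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_LOG):
        print(hit)
    print(classify_hash("F0A0D2F0D368A07171E5A3B74CB365C5"))
    print(hash_matches(b"not the sample"))
```

Matching on the destination address alone (with the port recorded separately) is deliberate: the fourth constructed line reaches a listed C2 host on port 80, which a rule that keys on the exact ip:port pairs would miss.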
Targets

Target: yqsc2kqmgif
Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description: Detects the Dridex loader, both the x86 and the x64 build, in memory.
MITRE ATT&CK Matrix

No techniques are listed on this page; only the tactic columns are shown (Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation).
Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10