General

  • Target

    l0sjk3o.dll

  • Size

    329KB

  • Sample

    210112-g4xcd22hla

  • MD5

    68183c1d9929e5502729e95454eca8e0

  • SHA1

    cfd4c7413fa9216afef60201895c3a620ea6801c

  • SHA256

    9e39f4494952dfedc6608ebad6c832474045bfaba3ccbb69f8194a2681311eac

  • SHA512

    98fa8564b0da7d8286819e1bf174ec84b4dc922f327e1397db8b08d5ab61637da39a79d0bf66f793e1381ca83de896c130bc03a45181bc4af237a5295ca738e7

Malware Config

Extracted

Family

dridex

Botnet

10555

C2

77.220.64.37:443

80.86.91.27:3308

5.100.228.233:3389

46.105.131.65:1512

rc4.plain
rc4.plain

Targets

    • Target

      l0sjk3o.dll

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks