General

  • Target

    SecuriteInfo.com.Generic.mg.6d5e0ebf3d8c6d2b.30211

  • Size

    836KB

  • Sample

    210121-6vqtwk1sex

  • MD5

    6d5e0ebf3d8c6d2b88adc17304da36fd

  • SHA1

    d461df26f4017d4cbeecd2c47c3392dd7e442b76

  • SHA256

    c2a8f4fcab529f809b7bf59726a480f70d0e3304f1a9947049fdf2b1567a0c47

  • SHA512

    55ee969fa44aed795acac9073777b0568d944f352340923aad2a027cae2b2d11f0d1a371e3647fd4757ac5723664cb5c880a4b9625b629d49e05c1f5ef1f5225

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

194.225.58.214:443

211.110.44.63:5353

69.164.207.140:3388

198.57.200.100:3786

rc4.plain
rc4.plain

Targets

    • Target

      SecuriteInfo.com.Generic.mg.6d5e0ebf3d8c6d2b.30211

    • Size

      836KB

    • MD5

      6d5e0ebf3d8c6d2b88adc17304da36fd

    • SHA1

      d461df26f4017d4cbeecd2c47c3392dd7e442b76

    • SHA256

      c2a8f4fcab529f809b7bf59726a480f70d0e3304f1a9947049fdf2b1567a0c47

    • SHA512

      55ee969fa44aed795acac9073777b0568d944f352340923aad2a027cae2b2d11f0d1a371e3647fd4757ac5723664cb5c880a4b9625b629d49e05c1f5ef1f5225

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks