fa7c61ed88bc0a8e0e4db95b1d20b62d4dec0563fe4d1a40d3499a23aacf39cb

General

Target: fa7c61ed88bc0a8e0e4db95b1d20b62d4dec0563fe4d1a40d3499a23aacf39cb
Size: 174KB
Sample: 210611-2mtcn4a7j6
Score: 10/10
MD5: 5c7ac084d3c0c3845284cb6396656094
SHA1: a3293b47b36f3c9317251c2fd612cd494eb6538c
SHA256: fa7c61ed88bc0a8e0e4db95b1d20b62d4dec0563fe4d1a40d3499a23aacf39cb
SHA512: f88a2e8792da94f5db98d551c6583781f0acc15c90a8bec2c4f2c2aa40b89df83d92276eb6213f054206874a826d4a05a79a8c508f328e0215242813189f33d9

Malware Config

Extracted

Family: dridex
Botnet: 22201
C2:
  178.128.220.64:30333
  45.79.91.89:9987
rc4.plain
rc4.plain
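The extracted config above is the part of this report that is directly actionable: a botnet ID and two C2 endpoints on non-standard ports. The following is an added example (not part of the sandbox report) that turns those values into IOCs, emits one Suricata-style alert rule per endpoint, and checks Zeek conn.log-shaped lines for flows to a configured ip:port pair. The C2 addresses and botnet ID are taken from the report; the log lines, the rule SIDs and the function names are constructed for illustration. The two rc4.plain entries are the config's RC4 key fields, whose values are not reproduced on this page, so the example uses only the C2 list.

```python
"""Turn an extracted Dridex config into network IOCs and scan log lines for C2 contact.

Added example, not code from the sandbox report. DRIDEX_CONFIG values are copied
from the report; SAMPLE_CONN_LOG is constructed sample input; SIDs are hypothetical.
"""
import ipaddress
from dataclasses import dataclass

# Values copied from the report's "Malware Config / Extracted" section.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": ["178.128.220.64:30333", "45.79.91.89:9987"],
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int


def parse_c2(entries):
    """Parse 'ip:port' strings into C2Endpoint objects.

    Malformed entries raise ValueError instead of being skipped silently, so a
    typo in a hand-copied IOC list is noticed rather than producing a rule that
    never fires."""
    out = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"missing port in {entry!r}")
        ipaddress.ip_address(host)  # raises ValueError on a non-IP string
        p = int(port)
        if not 0 < p < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append(C2Endpoint(host, p))
    return out


def suricata_rules(config, sid_base=9000001):
    """Emit one outbound-TCP alert rule per C2 endpoint (hypothetical SID range)."""
    rules = []
    for i, ep in enumerate(parse_c2(config["c2"])):
        rules.append(
            f"alert tcp $HOME_NET any -> {ep.ip} {ep.port} "
            f'(msg:"Dridex botnet {config["botnet"]} C2 {ep.ip}:{ep.port}"; '
            f"flow:to_server; classtype:trojan-activity; sid:{sid_base + i}; rev:1;)"
        )
    return rules


# Constructed Zeek conn.log-style lines, tab-separated:
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
# Line 4 goes to a C2 host but on port 443, which the config does not list.
SAMPLE_CONN_LOG = (
    "1623440001.1\tC1a2b3\t10.0.0.15\t49712\t178.128.220.64\t30333\ttcp\n"
    "1623440002.2\tC4d5e6\t10.0.0.15\t49713\t93.184.216.34\t443\ttcp\n"
    "1623440003.3\tC7f8g9\t10.0.0.22\t51001\t45.79.91.89\t9987\ttcp\n"
    "1623440004.4\tCh0i1j\t10.0.0.22\t51002\t45.79.91.89\t443\ttcp\n"
)


def find_c2_hits(conn_log, config):
    """Return (orig_h, resp_h, resp_p) for every flow to a configured ip:port pair.

    Matching on the pair rather than the bare IP avoids flagging unrelated
    traffic to a host that may also serve legitimate content."""
    wanted = set(parse_c2(config["c2"]))
    hits = []
    for line in conn_log.splitlines():
        fields = line.split("\t")
        if len(fields) < 7:
            continue  # skip blank or truncated lines
        ep = C2Endpoint(fields[4], int(fields[5]))
        if ep in wanted:
            hits.append((fields[2], ep.ip, ep.port))
    return hits


if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
    for hit in find_c2_hits(SAMPLE_CONN_LOG, DRIDEX_CONFIG):
        print("C2 contact:", hit)
```

Treat a hit as a pivot point, not as the whole finding: Dridex configs are rotated and C2 nodes are often relayed through third-party hosts, so a hit on the ip:port pair should trigger a hunt for the loader on the originating host (the hashes listed in this report are a starting point) rather than end the investigation.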
Targets

Target: fa7c61ed88bc0a8e0e4db95b1d20b62d4dec0563fe4d1a40d3499a23aacf39cb
MD5: 5c7ac084d3c0c3845284cb6396656094
Filesize: 174KB
Score: 10/10
SHA1: a3293b47b36f3c9317251c2fd612cd494eb6538c
SHA256: fa7c61ed88bc0a8e0e4db95b1d20b62d4dec0563fe4d1a40d3499a23aacf39cb
SHA512: f88a2e8792da94f5db98d551c6583781f0acc15c90a8bec2c4f2c2aa40b89df83d92276eb6213f054206874a826d4a05a79a8c508f328e0215242813189f33d9

Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

  • Dridex Loader

    Description: Detects the Dridex loader (both x86 and x64 builds) in memory.

Related Tasks

(none listed)

MITRE ATT&CK Matrix

No techniques mapped for this sample.

Tasks

static1
behavioral1

Score: 10/10