b2ca530878324bcac74f0f0acc7794c7ea39e3a82e72a8b3b502e7f107421253

General

Target: b2ca530878324bcac74f0f0acc7794c7ea39e3a82e72a8b3b502e7f107421253
Size: 174KB
Sample: 210611-465z9emcmx
Score: 10/10
MD5: e86e0ed7241dfabdfdb42bba2663927b
SHA1: 39c7cab06e1fc1d9cf18a2ea7ab02a30e6b4ecd1
SHA256: b2ca530878324bcac74f0f0acc7794c7ea39e3a82e72a8b3b502e7f107421253
SHA512: 46e20c41eedcdfe379f6a787e51edca7e3e14662f6519a42308062b0e9959d5a444ed21073f8425abb4c61d78d0183147c42e6147921c10fef39843f84376f79

Malware Config

Extracted

Family: dridex
Botnet: 22201
C2:
  178.128.220.64:30333
  45.79.91.89:9987
rc4.plain
Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1
Score: 10/10