cdbdd600db73cb0e0c56d98e58859bd3145a6f9003b90d768f88b09edc5b939b

General

Target: cdbdd600db73cb0e0c56d98e58859bd3145a6f9003b90d768f88b09edc5b939b
Size: 174KB
Sample: 210611-4ebwaexp8j
Score: 10/10
MD5: 73695b49d260af99a67bec8f1c3533cb
SHA1: 1192c14e7b5980054855609a242410794c4533e5
SHA256: cdbdd600db73cb0e0c56d98e58859bd3145a6f9003b90d768f88b09edc5b939b
SHA512: 367fc989dd4925060e02e738bd3f615937b25b02ae67281c717431c5318f67a5138ab92a9463fd4bf437abd3812cb02998b3bdc41b102adad26b38700119da15

Malware Config

Extracted

Family: dridex
Botnet: 22201
C2:
  178.128.220.64:30333
  45.79.91.89:9987
rc4.plain
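The extracted configuration above gives the two indicators a defender actually pivots on: the C2 endpoints (IP and port, not IP alone) and the file hashes. The script below is an added example, not part of the sandbox report or of Triage. It matches those indicators against constructed flow-log and EDR-style lines (the log formats, hostnames, timestamps and file name are invented for illustration) and emits one Suricata-style rule per C2 endpoint; the sid values are arbitrary placeholders.

```python
"""Match the indicators from this Triage report against constructed log lines.

Added example (not from the report or from Triage). The flow-log and EDR
line formats below are constructed; adapt the regexes to your own exports.
"""
import ipaddress
import re
from dataclasses import dataclass

# Indicators copied verbatim from the report above.
SAMPLE_SHA256 = "cdbdd600db73cb0e0c56d98e58859bd3145a6f9003b90d768f88b09edc5b939b"
SAMPLE_MD5 = "73695b49d260af99a67bec8f1c3533cb"
BOTNET_ID = "22201"
# The sandbox reports C2 as ip:port pairs; we match on the pair, not the IP alone,
# so a connection to the same host on another port is deliberately NOT a hit.
C2_ENDPOINTS = {
    ("178.128.220.64", 30333),
    ("45.79.91.89", 9987),
}


@dataclass(frozen=True)
class Hit:
    line_no: int
    kind: str        # "c2" or "hash"
    indicator: str
    raw: str


# Constructed flow-log shape: "<ts> <src>:<sport> -> <dst>:<dport> <proto>"
FLOW_RE = re.compile(r"(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dst>[\d.]+):(?P<dport>\d+)")
# Constructed EDR shape: any line carrying "sha256=<hex>" or "md5=<hex>"
HASH_RE = re.compile(r"\b(?:sha256|md5)=([0-9a-fA-F]{64}|[0-9a-fA-F]{32})\b")


def scan_lines(lines):
    """Return Hit objects for every line that touches a C2 endpoint or carries a known hash."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = FLOW_RE.search(line)
        if m:
            try:
                dst = str(ipaddress.ip_address(m["dst"]))  # normalises and rejects junk like 1.2.3
            except ValueError:
                dst = None
            if dst and (dst, int(m["dport"])) in C2_ENDPOINTS:
                hits.append(Hit(n, "c2", f"{dst}:{m['dport']}", line))
                continue
        for h in HASH_RE.findall(line):
            if h.lower() in (SAMPLE_SHA256, SAMPLE_MD5):
                hits.append(Hit(n, "hash", h.lower(), line))
    return hits


def suricata_rules(sid_base=9000001):
    """One alert per C2 endpoint, keyed on destination IP and port only (no payload content).

    sid_base is an arbitrary placeholder; pick a range reserved for local rules.
    """
    rules = []
    for i, (ip, port) in enumerate(sorted(C2_ENDPOINTS)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {BOTNET_ID} C2 contact"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


# Constructed sample input: hosts, times and the file name are invented.
SAMPLE_LOG = [
    "2021-06-11T04:12:03Z 10.0.0.15:51234 -> 178.128.220.64:30333 tcp",
    "2021-06-11T04:12:05Z 10.0.0.15:51235 -> 178.128.220.64:443 tcp",      # same host, other port: no hit
    "2021-06-11T04:12:09Z 10.0.0.22:51300 -> 45.79.91.89:9987 tcp",
    "2021-06-11T04:13:00Z edr host=WS01 file=sample.bin "
    "sha256=CDBDD600DB73CB0E0C56D98E58859BD3145A6F9003B90D768F88B09EDC5B939B",
    "2021-06-11T04:13:10Z 10.0.0.15:51240 -> 93.184.216.34:443 tcp",       # unrelated traffic
]

if __name__ == "__main__":
    for hit in scan_lines(SAMPLE_LOG):
        print(f"line {hit.line_no}: {hit.kind} {hit.indicator}")
    print("\n".join(suricata_rules()))
```

Matching on the ip:port pair is the conservative reading of a sandbox C2 list; if you want to catch the same infrastructure on other ports, widen the check to the IP alone and accept the extra noise from shared hosting.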
Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a malware family that specializes in stealing banking credentials.

  • Dridex Loader

    Description: Detects the Dridex loader, both x86 and x64, in memory.

Related Tasks

MITRE ATT&CK Matrix

Tactic columns shown: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation. No technique entries are listed under any column in this report.

Tasks

static1
behavioral1
10/10