f8538bbe3f8665ce80f18155bef9c3f149c87ec5d79defded350f588f7ab0856

General
Target: f8538bbe3f8665ce80f18155bef9c3f149c87ec5d79defded350f588f7ab0856
Size: 170KB
Sample: 210611-8wyzk6qk9j
Score: 10/10
MD5: ec02eb20b2f721cb1530df631566640c
SHA1: 8a98b8fc18e2395b7b8e11a1b5002b0405d17d45
SHA256: f8538bbe3f8665ce80f18155bef9c3f149c87ec5d79defded350f588f7ab0856
SHA512: 4335d2509986c7cb329a2d4a6d1a913ab751cb0bf9dd782edae61974782e6310a6d5e3e9343aef0253198b70568a9e597a88e5b5fa8be6b8a1ec161f1673287c

Malware Config
Extracted
Family: dridex
Botnet: 40112
C2:
  128.199.200.38:443
  192.163.233.216:6601
  43.229.206.244:4125
rc4.plain
Targets
Target: f8538bbe3f8665ce80f18155bef9c3f149c87ec5d79defded350f588f7ab0856 (same hashes, size and score as listed under General)

Tags: (none listed)

Signatures

  • Dridex
    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
    Tags: (none listed)

  • Dridex Loader
    Description: Detects the Dridex loader, both x86 and x64, in memory.
    Tags: (none listed)

Related Tasks: (none listed)

MITRE ATT&CK Matrix
Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation (no techniques are mapped in the extracted report)

Tasks
static1
behavioral1
10/10