9fa06baf2855be823f528845437489c8ac4939ffa3ed05f1e9a584f5c567efb6

General
Target

9fa06baf2855be823f528845437489c8ac4939ffa3ed05f1e9a584f5c567efb6

Size

174KB

Sample

210611-9tm9hpgsqx

Score
10 /10
MD5

18c6eb627071649fad3d0805d5579ba3

SHA1

2dca277dd385d81c2c8f5a9d2b10116f22e73174

SHA256

9fa06baf2855be823f528845437489c8ac4939ffa3ed05f1e9a584f5c567efb6

SHA512

b2a79d88ea8c0b7e8c580666c6ae03b6cb0a5d39d964160a7144aa31d786690dd54619a50d3fb4169de45271372beb30d63bdcc24b27ac8f131c5932a5c7d73f

Malware Config

Extracted

Family dridex
Botnet 22201
C2

178.128.220.64:30333

45.79.91.89:9987

rc4.plain
Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64, in memory.

Tasks

static1

behavioral1

10/10