bd816cf7ad1427ca48deb5ccdff1e897f20baf63df35b4a7fd6e6bdf65c268fb

General

Target: bd816cf7ad1427ca48deb5ccdff1e897f20baf63df35b4a7fd6e6bdf65c268fb
Size: 174KB
Sample: 210611-jfdqj4h46x
Score: 10/10
MD5: 41ca40276052e59bd7ad543a255a58b7
SHA1: 2f4ddb7419dfc8ab3aa1ea80137e88148317292c
SHA256: bd816cf7ad1427ca48deb5ccdff1e897f20baf63df35b4a7fd6e6bdf65c268fb
SHA512: afc5e2130f2b5de7c06ea1034f3c9e9b0859b709e6affbe78905a1c648425ecd86c2dbb17532a8847ea4f891290e03976c5db0e1ddb2208617040f9614e96ec4

Malware Config

Extracted

Family: dridex
Botnet: 22201
C2:
  178.128.220.64:30333
  45.79.91.89:9987
rc4.plain

Signatures

  • Dridex

    Description

    Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description

    Detects both the x86 and x64 Dridex loader in memory.

Tasks

static1

behavioral1

Score: 10/10