bc24bb5ffbcf6032c928de2ca7d18fe580bb390f76b26bb7a8b083b8727446db

General

Target: bc24bb5ffbcf6032c928de2ca7d18fe580bb390f76b26bb7a8b083b8727446db
Size: 174KB
Sample: 210611-khvzmae8k2
Score: 10/10
MD5: 1da31712d2601c187e60390479248c10
SHA1: 9a5d7d14279ffa9597a1e589aa1c16173f55fb0e
SHA256: bc24bb5ffbcf6032c928de2ca7d18fe580bb390f76b26bb7a8b083b8727446db
SHA512: bc011eb382a3ad79483b7d60153ecfab0a7d0f5090f26bd5ae598a8951a52163ad0717ce11306374a0e0571a710fdc0a3e5924e931fdc5eec2bc6ca5e7c5ce3b

Malware Config

Extracted

Family: dridex
Botnet: 22201
C2:
  178.128.220.64:30333
  45.79.91.89:9987
rc4.plain
rc4.plain
Targets
Signatures

  • Dridex: Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader: Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1 (10/10)