13c45fd8886d5c8fe570154063f58db1f6381e37bbce563762bd03e0c501db52

General
Target

13c45fd8886d5c8fe570154063f58db1f6381e37bbce563762bd03e0c501db52

Size

174KB

Sample

210611-l6gkbz4f9x

Score
10 /10
MD5

445209dbd05ff7d56513be5071552162

SHA1

a507d112640ce5fffafe0a770c84da60a5ed3d3c

SHA256

13c45fd8886d5c8fe570154063f58db1f6381e37bbce563762bd03e0c501db52

SHA512

a610385edb3bd28d66e0669a2d9409b980193d50bd9e63d504689bd6d3e86089cdcf8136a14f447ea42c017821e389342aafdd936dcd94453e13080f1fef30b2

Malware Config

Extracted

Family dridex
Botnet 22201
C2

178.128.220.64:30333

45.79.91.89:9987

rc4.plain
rc4.plain
Targets
Target

13c45fd8886d5c8fe570154063f58db1f6381e37bbce563762bd03e0c501db52

MD5

445209dbd05ff7d56513be5071552162

Filesize

174KB

Score
10 /10
SHA1

a507d112640ce5fffafe0a770c84da60a5ed3d3c

SHA256

13c45fd8886d5c8fe570154063f58db1f6381e37bbce563762bd03e0c501db52

SHA512

a610385edb3bd28d66e0669a2d9409b980193d50bd9e63d504689bd6d3e86089cdcf8136a14f447ea42c017821e389342aafdd936dcd94453e13080f1fef30b2

Tags

Signatures

  • Dridex

    Description

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    Tags

  • Dridex Loader

    Description

    Detects Dridex both x86 and x64 loader in memory.

    Tags

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10