58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496

General

Target: 58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496
Size: 170KB
Sample: 210611-ppvcwjzjd6
Score: 10/10
MD5: d743cb161f292e9170864ad5c849419d
SHA1: 93a50c8ea5a13eb48bbc9503ef65438730478074
SHA256: 58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496
SHA512: 48c6b18214570fd6fec6623f7c86666b4b99942a31194c1b7eaa94a4ba208770dd3a5f4e11cadae0a441f9b8508f6328c879a0a60cd6320a1ba2579808ac645a

Malware Config

Extracted

Family: dridex
Botnet: 40112
C2:
  128.199.200.38:443
  192.163.233.216:6601
  43.229.206.244:4125
rc4.plain
Targets

Target: 58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496 (same file as under General: 170KB, score 10/10, hashes listed above)

Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description: Detects the Dridex x86 and x64 loader in memory.

MITRE ATT&CK Matrix

No techniques are mapped in this report. Tactic columns shown: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation.

Tasks

  • static1
  • behavioral1 (score 10/10)