General

  • Target

    58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496

  • Size

    170KB

  • Sample

    210611-ppvcwjzjd6

  • MD5

    d743cb161f292e9170864ad5c849419d

  • SHA1

    93a50c8ea5a13eb48bbc9503ef65438730478074

  • SHA256

    58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496

  • SHA512

    48c6b18214570fd6fec6623f7c86666b4b99942a31194c1b7eaa94a4ba208770dd3a5f4e11cadae0a441f9b8508f6328c879a0a60cd6320a1ba2579808ac645a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496

    • Size

      170KB

    • MD5

      d743cb161f292e9170864ad5c849419d

    • SHA1

      93a50c8ea5a13eb48bbc9503ef65438730478074

    • SHA256

      58d026c1c37b043aab33a306f7ad8665fb2bfc563db7a3ce3faba961f9209496

    • SHA512

      48c6b18214570fd6fec6623f7c86666b4b99942a31194c1b7eaa94a4ba208770dd3a5f4e11cadae0a441f9b8508f6328c879a0a60cd6320a1ba2579808ac645a

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks