51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

General
Target

51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

Size

170KB

Sample

210611-v4n5jp5p92

Score

10/10
MD5

257dfcd89ed8c82c4710e76e8c8ee96c

SHA1

cbe770ffdf0d851fa978188ddd42759fec1053f2

SHA256

51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

SHA512

5e18c1cbc1a9c63f0eab53b635f32c1b720fc342452845bd9af583ec5218dfa8908c98677e82176605c75df292794c0077e685ad785f461b3f446b692f9592f7

Malware Config

Extracted

Family dridex
Botnet 40112
C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
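The three C2 endpoints above are the actionable part of this report. As an added example (not part of the sandbox output), the Python below turns them into a two-tier connection matcher: an exact IP:port hit is high confidence, an IP-only hit on another port is flagged separately so it can be triaged without paging on it alone. The log format, the 10.0.0.x sources, 93.184.216.34 and the helper names are constructed for illustration; only the three C2 addresses come from the config.

```python
"""Turn the C2 list extracted from this Dridex sample (botnet 40112) into a
two-tier connection matcher.  Added example: the log format, sample records
and helper names below are constructed for illustration, not sandbox output."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

# C2 endpoints exactly as listed under "Malware Config" above.
DRIDEX_40112_C2 = [
    "128.199.200.38:443",
    "192.163.233.216:6601",
    "43.229.206.244:4125",
]


@dataclass(frozen=True)
class Endpoint:
    ip: ipaddress.IPv4Address
    port: int


def parse_c2(entry: str) -> Endpoint:
    """Parse 'ip:port', validating both halves so a typo in the IOC list
    raises here instead of producing an entry that silently never matches."""
    host, sep, port = entry.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"malformed C2 entry: {entry!r}")
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range in C2 entry: {entry!r}")
    # IPv4Address raises AddressValueError (a ValueError) on a bad host part.
    return Endpoint(ipaddress.IPv4Address(host), port_num)


C2_ENDPOINTS = frozenset(parse_c2(e) for e in DRIDEX_40112_C2)
C2_IPS = frozenset(ep.ip for ep in C2_ENDPOINTS)


def _fields(line: str) -> dict[str, str]:
    """Split a 'TIMESTAMP key=value key=value ...' record into a dict
    (constructed log format; adapt to the firewall/NetFlow export you have)."""
    return dict(tok.split("=", 1) for tok in line.split()[1:] if "=" in tok)


def match_connections(log_lines, c2=C2_ENDPOINTS):
    """Return {'exact': [...], 'ip_only': [...]} of (src, 'dst:port') pairs.

    'exact'   : destination IP *and* port match the extracted config (high
                confidence: this is the C2 the sample was built to reach).
    'ip_only' : destination IP matches but the port differs (lower
                confidence: worth a look, since the same host may be reused
                on another port, but not enough to page on by itself).
    Records without dst/dport, or with unparsable values, are skipped.
    """
    c2_ips = {ep.ip for ep in c2}
    hits = {"exact": [], "ip_only": []}
    for line in log_lines:
        f = _fields(line)
        try:
            dst = Endpoint(ipaddress.IPv4Address(f["dst"]), int(f["dport"]))
        except (KeyError, ValueError):
            continue  # DNS record, malformed line, etc.
        label = f"{dst.ip}:{dst.port}"
        if dst in c2:
            hits["exact"].append((f.get("src"), label))
        elif dst.ip in c2_ips:
            hits["ip_only"].append((f.get("src"), label))
    return hits


# Constructed sample records: the 10.0.0.x sources, the timestamps and
# 93.184.216.34 are made up; the three C2 destinations come from the config.
SAMPLE_LOG = [
    "2021-06-11T12:00:01Z src=10.0.0.5 dst=128.199.200.38 dport=443 proto=tcp",
    "2021-06-11T12:00:02Z src=10.0.0.5 dst=93.184.216.34 dport=443 proto=tcp",
    "2021-06-11T12:00:03Z src=10.0.0.7 dst=192.163.233.216 dport=6601 proto=tcp",
    "2021-06-11T12:00:04Z src=10.0.0.9 dst=43.229.206.244 dport=80 proto=tcp",
    "2021-06-11T12:00:05Z src=10.0.0.9 query=example.com type=A",
]

if __name__ == "__main__":
    for tier, pairs in match_connections(SAMPLE_LOG).items():
        for src, dst in pairs:
            print(f"{tier:8} {src} -> {dst}")
```

Matching on the full IP:port pair is deliberate: 443 alone would match ordinary HTTPS traffic, and the non-standard ports (6601, 4125) are only meaningful together with their host. Validate the IOC list at load time, as `parse_c2` does, so a mistyped entry fails immediately rather than silently never matching.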
Targets
Target

51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877 (hashes, size and score as listed under General)

Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64 builds, in memory.


MITRE ATT&CK Matrix

No tactics or techniques are mapped for this sample.

Tasks

static1

behavioral1: 10/10