General

  • Target

    51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

  • Size

    170KB

  • Sample

    210611-v4n5jp5p92

  • MD5

    257dfcd89ed8c82c4710e76e8c8ee96c

  • SHA1

    cbe770ffdf0d851fa978188ddd42759fec1053f2

  • SHA256

    51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

  • SHA512

    5e18c1cbc1a9c63f0eab53b635f32c1b720fc342452845bd9af583ec5218dfa8908c98677e82176605c75df292794c0077e685ad785f461b3f446b692f9592f7

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

    • Size

      170KB

    • MD5

      257dfcd89ed8c82c4710e76e8c8ee96c

    • SHA1

      cbe770ffdf0d851fa978188ddd42759fec1053f2

    • SHA256

      51d92fa47f021cee7f307770ee01008fe55be362a5ff807f4aecd52c8853b877

    • SHA512

      5e18c1cbc1a9c63f0eab53b635f32c1b720fc342452845bd9af583ec5218dfa8908c98677e82176605c75df292794c0077e685ad785f461b3f446b692f9592f7

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks