b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569

General
Target

b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569

Size

174KB

Sample

210611-w98excnvw2

Score
10/10
MD5

e8dfc5162ff89a3b89238a326077edb3

SHA1

0b1f9fcb813159b11cbc02a96302b540d21ab78a

SHA256

b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569

SHA512

76a961a748591654826fdf8cb68d639b91efb3cc8bac0f36fbca22308ab871545f6bdb531fb0b689689d30d056d54b173ddbdff61d1b020b45e400fcc9bab43b

Malware Config

Extracted

Family dridex
Botnet 22201
C2

178.128.220.64:30333

45.79.91.89:9987

rc4.plain
rc4.plain
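To make the extracted configuration actionable, the following added example (written for this page, not code from the report or from the sandbox that produced it) turns the C2 list and the sample's digests above into lookup sets and runs them over a few constructed connection-log lines. The whitespace-separated log format (ts, src_ip, src_port, dst_ip, dst_port, proto) and the sample log lines are assumptions for the example; the IPs, ports and hashes are copied from the report.

```python
"""IOC checker built from the extracted Dridex config in this report.

Added example, not part of the report: builds lookup sets from the C2
endpoints and file digests above and applies them to constructed input.
"""
import hashlib
import ipaddress

# --- IOCs copied verbatim from the report ----------------------------------
C2_ENDPOINTS = {("178.128.220.64", 30333), ("45.79.91.89", 9987)}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}
SAMPLE_HASHES = {
    "md5": "e8dfc5162ff89a3b89238a326077edb3",
    "sha1": "0b1f9fcb813159b11cbc02a96302b540d21ab78a",
    "sha256": "b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569",
}

# --- Constructed sample input (assumption: whitespace-separated conn log) ---
# fields: ts src_ip src_port dst_ip dst_port proto
SAMPLE_CONN_LOG = """\
1623400001.123 10.0.0.15 51234 178.128.220.64 30333 tcp
1623400002.456 10.0.0.15 51235 93.184.216.34 443 tcp
1623400003.789 10.0.0.22 49152 45.79.91.89 9987 tcp
1623400004.000 10.0.0.22 49153 45.79.91.89 443 tcp
malformed line that should be skipped
"""


def parse_conn_line(line):
    """Return (src_ip, dst_ip, dst_port) or None for lines that do not parse."""
    parts = line.split()
    if len(parts) < 6:
        return None
    try:
        src = str(ipaddress.ip_address(parts[1]))
        dst = str(ipaddress.ip_address(parts[3]))
        port = int(parts[4])
    except ValueError:
        return None
    return src, dst, port


def find_c2_hits(log_text):
    """Match each connection against the extracted C2 list.

    Returns (line_no, src_ip, dst_ip, dst_port, confidence) tuples.
    'exact' means IP and port both match the config; 'ip-only' flags traffic
    to a listed IP on a port the config does not name. Treat the latter as a
    lead to investigate, not as a confirmed C2 session.
    """
    hits = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        parsed = parse_conn_line(line)
        if parsed is None:
            continue
        src, dst, port = parsed
        if (dst, port) in C2_ENDPOINTS:
            hits.append((n, src, dst, port, "exact"))
        elif dst in C2_IPS:
            hits.append((n, src, dst, port, "ip-only"))
    return hits


def file_hashes(data):
    """MD5/SHA1/SHA256 of a byte string as lower-case hex, keyed like the report."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_reported_sample(hashes):
    """True if any supplied digest equals the report's digest of that type.

    Comparison is case-insensitive because tools disagree on hex case.
    """
    return any(
        SAMPLE_HASHES.get(algo) == value.lower() for algo, value in hashes.items()
    )


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_CONN_LOG):
        print("C2 hit:", hit)
    # A constructed blob will not hash to the sample; a pasted digest will.
    print(is_reported_sample(file_hashes(b"not the sample")))
    print(is_reported_sample({"sha256": SAMPLE_HASHES["sha256"].upper()}))
```

Endpoint matching is deliberately exact on IP and port for the high-confidence tier; the IP-only tier exists because a config dump is a snapshot, and a listed host seen on another port is still worth a look. Swap `SAMPLE_CONN_LOG` for a real log read from disk and feed `file_hashes` the bytes of a suspect file to use it outside the example.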
Targets
Target

b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569

MD5

e8dfc5162ff89a3b89238a326077edb3

Filesize

174KB

Score
10/10
SHA1

0b1f9fcb813159b11cbc02a96302b540d21ab78a

SHA256

b6f55a44b0ab260adb53bcbf8d2e3ac301d53f60a4ad8af1115da2d87f9eb569

SHA512

76a961a748591654826fdf8cb68d639b91efb3cc8bac0f36fbca22308ab871545f6bdb531fb0b689689d30d056d54b173ddbdff61d1b020b45e400fcc9bab43b

Tags

Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    Tags

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64 builds, in memory.

    Tags

Related Tasks

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1

10/10