General

  • Target

    488d721ba5807926af5a997bbf74bd912e68698149766c7825f76fdb63df20a4

  • Size

    170KB

  • Sample

    210615-18r3j8hf7e

  • MD5

    58402fb50252970acb1117340d35bf04

  • SHA1

    4e97544b9fb7342a29563cd04e3b8a9526e17d6f

  • SHA256

    488d721ba5807926af5a997bbf74bd912e68698149766c7825f76fdb63df20a4

  • SHA512

    1f0a1745069ba1adb3df29cefaa1cc62c690a24032fed80fa6a76290e2a7503e5d551ffae32606c5f0f769394ea03077417e69779c4b6f2fdb9c881b42b8749a

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    128.199.200.38:443

    192.163.233.216:6601

    43.229.206.244:4125

  • rc4.plain

Targets


    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks