General

  • Target: 5a73dde8bcd5ea2c85e4a949b73ea89faa4f7afdea45d8284fdd8f61c2dcb2da
  • Size: 170KB
  • Sample: 210615-1h24t4vkrj
  • MD5: cbd9c32cbfc608d8aaf8aa43b6cf3b02
  • SHA1: 32734017f79d86ac1149db87a0615045ca930a30
  • SHA256: 5a73dde8bcd5ea2c85e4a949b73ea89faa4f7afdea45d8284fdd8f61c2dcb2da
  • SHA512: 102f1843239b57150d338cf290816e72b77c42d00f04561b401aad414ae65757054fef552647695831d9e3c7a255a16970529dddf971c1eb4dad05fb10b3220a

Malware Config

Extracted

  • Family: dridex
  • Botnet: 40112
  • C2:
      128.199.200.38:443
      192.163.233.216:6601
      43.229.206.244:4125

rc4.plain

Targets


    • Dridex: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
    • Dridex Loader: Detects the Dridex loader, both x86 and x64, in memory.
