General

  • Target

    a617199bcde4aa2c5106d1f7e03fd5ac6804e5bf59a04b55506576014844bd4f

  • Size

    170KB

  • Sample

    210615-1jhnm35kxn

  • MD5

    47fa0a020a37ce1dd114a1d4f4157ea9

  • SHA1

    1a6f8ea5f31c674e30e9d10fcdc5a3eefca22aaa

  • SHA256

    a617199bcde4aa2c5106d1f7e03fd5ac6804e5bf59a04b55506576014844bd4f

  • SHA512

    83c8681c48a58f1128f3fda1d79622224da6948a3f9eb225419787a680da33e981e61859f3cb1d67c59a1adafd8bc4ceac226ad042b941f49254be082d2d57ef

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 variants, in memory.
