General

  • Target

    c28550cf4d5e79032f43b4eae45e265b8f3d37b705efc33218593e96af18db0b

  • Size

    172KB

  • Sample

    210615-1n3jplhkpa

  • MD5

    afccb9c8aae521d0b5ec2e511d3d3ab0

  • SHA1

    6afded1e74ec19b6f1df95ff9e0e0c4e4b48671c

  • SHA256

    c28550cf4d5e79032f43b4eae45e265b8f3d37b705efc33218593e96af18db0b

  • SHA512

    03e0c2415e8e98a632af50367e6539d4944acb42942d09fee95a91162598fd5c9c4be86e12ca0a94a5886352c1083b2e747b16b3efda8aa7d8dccc90b7e59491

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      c28550cf4d5e79032f43b4eae45e265b8f3d37b705efc33218593e96af18db0b

    • Size

      172KB

    • MD5

      afccb9c8aae521d0b5ec2e511d3d3ab0

    • SHA1

      6afded1e74ec19b6f1df95ff9e0e0c4e4b48671c

    • SHA256

      c28550cf4d5e79032f43b4eae45e265b8f3d37b705efc33218593e96af18db0b

    • SHA512

      03e0c2415e8e98a632af50367e6539d4944acb42942d09fee95a91162598fd5c9c4be86e12ca0a94a5886352c1083b2e747b16b3efda8aa7d8dccc90b7e59491

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks