General

  • Target

    c006f413a36a18276f9e13587c626f8d94f33adb1db2da5a7e26489e3f0d94b0

  • Size

    170KB

  • Sample

    210615-1vw3hfjafa

  • MD5

    62a1b5cd842039831c2ea31f111487a0

  • SHA1

    e94136c1dbd3d36fc51a10c249ed1e7220293f6f

  • SHA256

    c006f413a36a18276f9e13587c626f8d94f33adb1db2da5a7e26489e3f0d94b0

  • SHA512

    5bc2ca892db1185dcf702de3c8a11944fd5960ef5a0669e45fed9fed836b1ab351dd937694a3376d8a21f3ac1b5b9f111aa2a6bc3de480968d0a3de8636360e7

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
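The extracted config above is only useful once it is turned into something that can be matched against traffic. The following is an added example, not code from Triage or from this report: it takes the family, botnet ID and C2 list exactly as shown on this page, emits one Suricata rule per C2 endpoint, and runs a matcher over a handful of constructed firewall log lines. The key=value log layout, the SID range and the log lines themselves are assumptions made for the demonstration.

```python
import ipaddress
import re
from dataclasses import dataclass

# The config fields as extracted on this page (family, botnet ID, C2 list).
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": 40112,
    "c2": [
        "128.199.200.38:443",
        "192.163.233.216:6601",
        "43.229.206.244:4125",
    ],
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int


def parse_c2_list(entries):
    """Turn 'ip:port' strings into C2Endpoint objects.

    Malformed entries raise instead of being skipped, so a broken extractor
    output cannot silently produce an empty blocklist.
    """
    endpoints = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in C2 entry {entry!r}")
        ipaddress.ip_address(host)          # ValueError if not a valid IP
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        endpoints.append(C2Endpoint(host, port))
    return endpoints


def suricata_rules(config, base_sid=9000001):
    """One Suricata rule per C2 endpoint, matching on the exact ip:port pair.

    base_sid is an assumption: pick a SID range reserved for local rules.
    """
    rules = []
    for i, c2 in enumerate(parse_c2_list(config["c2"])):
        rules.append(
            f'alert ip $HOME_NET any -> {c2.ip} {c2.port} '
            f'(msg:"{config["family"].capitalize()} botnet {config["botnet"]} '
            f'C2 {c2.ip}:{c2.port}"; classtype:trojan-activity; '
            f'sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed firewall log lines for the demo (not from the page). The
# key=value layout is an assumption about the log source.
SAMPLE_LOGS = [
    "2021-06-15T10:01:02Z src=10.0.0.12 dst=128.199.200.38 dport=443 proto=tcp action=allow",
    "2021-06-15T10:01:05Z src=10.0.0.12 dst=93.184.216.34 dport=443 proto=tcp action=allow",
    "2021-06-15T10:01:09Z src=10.0.0.12 dst=43.229.206.244 dport=4125 proto=tcp action=allow",
    # Same host as a C2 entry but a different port: not a hit for this config.
    "2021-06-15T10:01:11Z src=10.0.0.12 dst=192.163.233.216 dport=443 proto=tcp action=allow",
]

LOG_RE = re.compile(r"\bdst=(?P<dst>[0-9.]+)\s+dport=(?P<dport>\d+)")


def match_logs(config, lines):
    """Return the log lines whose destination ip:port is in the config's C2 list."""
    wanted = set(parse_c2_list(config["c2"]))
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if m is None:
            continue
        if C2Endpoint(m["dst"], int(m["dport"])) in wanted:
            hits.append(line)
    return hits


if __name__ == "__main__":
    print("\n".join(suricata_rules(DRIDEX_CONFIG)))
    for hit in match_logs(DRIDEX_CONFIG, SAMPLE_LOGS):
        print("C2 contact:", hit)
```

The matcher keys on the full ip:port pair rather than the address alone: Dridex first-tier C2 nodes are frequently compromised or rented hosts that also carry unrelated traffic, and the non-standard ports (6601, 4125 here) are the more distinctive part of the indicator. These endpoints rotate, so rules built from one sample's config should be tied to the sample date and retired once they stop matching.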

Targets

    • Target

      c006f413a36a18276f9e13587c626f8d94f33adb1db2da5a7e26489e3f0d94b0

    • Size

      170KB

    • MD5

      62a1b5cd842039831c2ea31f111487a0

    • SHA1

      e94136c1dbd3d36fc51a10c249ed1e7220293f6f

    • SHA256

      c006f413a36a18276f9e13587c626f8d94f33adb1db2da5a7e26489e3f0d94b0

    • SHA512

      5bc2ca892db1185dcf702de3c8a11944fd5960ef5a0669e45fed9fed836b1ab351dd937694a3376d8a21f3ac1b5b9f111aa2a6bc3de480968d0a3de8636360e7

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.
