General

  • Target

    7c744c42d53caf2ea92d2adc07042756d15376031230ca4530363c744814660e

  • Size

    170KB

  • Sample

    210615-1ygqhcjmva

  • MD5

    9c502b1d89af7ac348a83698962d8294

  • SHA1

    651c862e7588c3f251635b526576b07af46e5e88

  • SHA256

    7c744c42d53caf2ea92d2adc07042756d15376031230ca4530363c744814660e

  • SHA512

    8a0201adfa9793b75f0e1310406913d4a5dd6157939f8aafdafac9a9b3f6bcb57cc538de5a8f7d7f65b4d257364b76f5d5e8b845a81d560f5c660a0e34977ac8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets


    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks