General

  • Target

    e6e3fa873e93c99b5e6e4b94879c0d12841c911a7859a2f6a99d80d90e376ef6

  • Size

    172KB

  • Sample

    210615-22levd435s

  • MD5

    5bae23ac99301e78c6d326166a3181c9

  • SHA1

    5a6a0b90c5054721332d5e09d1f4fe65f0615aea

  • SHA256

    e6e3fa873e93c99b5e6e4b94879c0d12841c911a7859a2f6a99d80d90e376ef6

  • SHA512

    28627029620c2cda27f9f20e91438a054eab8d5da0e0e33c2d15bb384358c63a0f7308ebda37daefbe7e247db700bffab64db41b714d53959ebf0976eb93268d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks