General

  • Target

    b84d7537c0b756cdcb4611afe3b12ab89f7d04d39ca8d586d2e9c0f0d28a3d20

  • Size

    170KB

  • Sample

    210615-2hx1cf6pej

  • MD5

    0426397ab3d19edd66b522ed7064d58c

  • SHA1

    ccfda833104d9328d217e902a0f4d2b28a19b8ed

  • SHA256

    b84d7537c0b756cdcb4611afe3b12ab89f7d04d39ca8d586d2e9c0f0d28a3d20

  • SHA512

    1bb800231dbd32bdf62228432df68a23f55ab71345ad7a2e95eb5f038cfe82fdbd01a5b17f46fd8bb74b53206796b816a9042752c7b959ec32d1713c3a102584

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.
