General

  • Target

    9f0541641b47f69c8741935227055834dc8b3e41922e9ac438d9df99140149dc

  • Size

    172KB

  • Sample

    210615-2w3mcnxd46

  • MD5

    57063963113d292f6f46581a210663d3

  • SHA1

    a5e433c9542fb1197806b4a69f8f831a1a4fd94b

  • SHA256

    9f0541641b47f69c8741935227055834dc8b3e41922e9ac438d9df99140149dc

  • SHA512

    5d2194a59ea1eba2bdce1c001a50f18c9754afba5d3e6877fc0f514102747d1b0435ff5638bc8e26d5116cdc494de6253a517012a3583e1d357c9089eb975d4f

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    210.65.244.187:443
    162.241.41.92:2303
    46.231.204.10:8172
    185.183.159.100:4125

  • rc4.plain
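The extracted config above is only useful once it is turned into checks. The script below is an added example, not part of the sandbox report or its tooling: it carries the report's hashes and C2 endpoints as constants, hashes a byte string against them, scans Zeek-style conn.log lines (tab-separated, default column order, an assumption) for connections to the listed C2 nodes, and emits one Suricata rule per endpoint in the local SID range (the SID base is a chosen value). The conn.log excerpt embedded in the block is constructed for the demonstration.

```python
"""Checks built from the Dridex indicators in the sandbox report above.

Added example, not part of the original report. Assumes Zeek conn.log
column order (ts uid id.orig_h id.orig_p id.resp_h id.resp_p ...); the
log lines at the bottom are constructed, not captured traffic.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Indicators copied from the report.
SAMPLE_HASHES = {
    "md5": "57063963113d292f6f46581a210663d3",
    "sha1": "a5e433c9542fb1197806b4a69f8f831a1a4fd94b",
    "sha256": "9f0541641b47f69c8741935227055834dc8b3e41922e9ac438d9df99140149dc",
}
BOTNET_ID = "40112"
C2_ENDPOINTS = {
    ("210.65.244.187", 443),
    ("162.241.41.92", 2303),
    ("46.231.204.10", 8172),
    ("185.183.159.100", 4125),
}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """MD5, SHA1 and SHA256 of a byte string, computed in one pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def is_known_sample(digests: Dict[str, str]) -> bool:
    """True when at least one digest is supplied and all supplied ones match."""
    shared = SAMPLE_HASHES.keys() & digests.keys()
    return bool(shared) and all(
        digests[k].lower() == SAMPLE_HASHES[k] for k in shared
    )


@dataclass(frozen=True)
class C2Hit:
    ts: str
    orig_h: str
    resp_h: str
    resp_p: int
    exact: bool  # True: IP and port match the config; False: IP only


def scan_conn_log(lines: Iterable[str]) -> List[C2Hit]:
    """Flag flows whose responder is one of the extracted C2 nodes.

    An IP-only match is reported as a weaker hit so a port change on a
    known node is not silently missed. Comment lines (#...) are skipped.
    """
    hits: List[C2Hit] = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 6:
            continue
        ts, _uid, orig_h, _orig_p, resp_h, resp_p = fields[:6]
        if resp_h not in C2_IPS:
            continue
        try:
            port = int(resp_p)
        except ValueError:
            continue
        hits.append(C2Hit(ts, orig_h, resp_h, port, (resp_h, port) in C2_ENDPOINTS))
    return hits


def suricata_rules(sid_base: int = 1000001) -> List[str]:
    """One alert rule per C2 endpoint; sid_base is a chosen local-range value."""
    rules = []
    for i, (ip, port) in enumerate(sorted(C2_ENDPOINTS)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {BOTNET_ID} C2 {ip}:{port}"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


# Constructed conn.log excerpt: one exact hit, one IP-only hit, one benign flow.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1623790412.113\tCx1a\t10.0.0.23\t51233\t210.65.244.187\t443\ttcp
1623790415.908\tCx1b\t10.0.0.23\t51234\t46.231.204.10\t8080\ttcp
1623790420.001\tCx1c\t10.0.0.42\t51235\t93.184.216.34\t443\ttcp
"""

if __name__ == "__main__":
    for hit in scan_conn_log(SAMPLE_CONN_LOG.splitlines()):
        print(hit)
    print("\n".join(suricata_rules()))
```

The hash check is deliberately case-insensitive and accepts any subset of the three algorithms, since threat-intel feeds rarely carry all of them; the conn.log scan distinguishes an exact IP:port match from an IP-only match rather than dropping the latter.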

Targets

    • Target

      9f0541641b47f69c8741935227055834dc8b3e41922e9ac438d9df99140149dc

    • Size

      172KB

    • MD5

      57063963113d292f6f46581a210663d3

    • SHA1

      a5e433c9542fb1197806b4a69f8f831a1a4fd94b

    • SHA256

      9f0541641b47f69c8741935227055834dc8b3e41922e9ac438d9df99140149dc

    • SHA512

      5d2194a59ea1eba2bdce1c001a50f18c9754afba5d3e6877fc0f514102747d1b0435ff5638bc8e26d5116cdc494de6253a517012a3583e1d357c9089eb975d4f

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks