General

  • Target

    156315bf99b00b5324e64a9da2ea44c75627b6392d6b5867b46364d89e7445c9

  • Size

    170KB

  • Sample

    210615-3g3n9kv1ce

  • MD5

    6d4d7742d8990739f55501299ae4eed5

  • SHA1

    225f2d6906a806f3f1b87e66343884af942e728b

  • SHA256

    156315bf99b00b5324e64a9da2ea44c75627b6392d6b5867b46364d89e7445c9

  • SHA512

    29cbc8c666408dc8dd72db43e2abb580fdb76e56f6e592317b905fc51cac3590cc52c5bfa67ce527db834154a0bf4dc7caf1391d65c82c7dc1a8809a4154605d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain
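The extracted configuration above (family, botnet ID and three C2 endpoints) is what an analyst turns into detection content and a hunt. The following Python is an added example, not part of the sandbox report or the Dridex family itself: it carries the page's hash set and C2 list as constants, validates the C2 entries, emits Suricata rules for them (the sid range 9000000+ is an arbitrary local choice), scans a constructed Zeek conn.log excerpt for connections to those endpoints, and checks that a file on disk matches the report's digests before anyone detonates it. The log lines are constructed for the example and are not from the report.

```python
import hashlib
import ipaddress

# Values copied from the report's Malware Config / General sections.
FAMILY = "dridex"
BOTNET = "40112"
C2 = [
    "128.199.200.38:443",
    "192.163.233.216:6601",
    "43.229.206.244:4125",
]
REPORT_HASHES = {
    "md5": "6d4d7742d8990739f55501299ae4eed5",
    "sha1": "225f2d6906a806f3f1b87e66343884af942e728b",
    "sha256": "156315bf99b00b5324e64a9da2ea44c75627b6392d6b5867b46364d89e7445c9",
    "sha512": "29cbc8c666408dc8dd72db43e2abb580fdb76e56f6e592317b905fc51cac3590"
              "cc52c5bfa67ce527db834154a0bf4dc7caf1391d65c82c7dc1a8809a4154605d",
}


def parse_c2(entries):
    """Turn 'ip:port' strings into a set of (ip, port) tuples.

    ipaddress.ip_address() rejects anything that is not a literal address,
    so a typo in a copied IOC fails loudly instead of silently never matching.
    """
    out = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = str(ipaddress.ip_address(host))
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        out.add((ip, port))
    return out


def suricata_rules(c2s, sid_base=9000000):
    """One alert rule per C2 endpoint; sid_base is an assumed local range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2s)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{FAMILY} botnet {BOTNET} C2 {ip}:{port}"; '
            f'flow:to_server; classtype:trojan-activity; '
            f'sid:{sid_base + i}; rev:1;)'
        )
    return rules


def hunt_conn_log(lines, c2s):
    """Match Zeek conn.log TSV rows against the C2 set.

    Zeek's default conn.log column order starts with:
    ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto, ...
    Both responder IP and port must match; the same host on another
    port is not counted, because the config pins specific ports.
    """
    hits = []
    for line in lines:
        if not line or line.startswith("#"):
            continue
        f = line.split("\t")
        if len(f) < 7:
            continue
        if (f[4], int(f[5])) in c2s:
            hits.append({"ts": f[0], "src": f[2], "dst": f"{f[4]}:{f[5]}", "proto": f[6]})
    return hits


def verify_sample(data, expected=REPORT_HASHES):
    """Return {algorithm: actual_digest} for every digest that disagrees.

    An empty dict means the bytes are the sample the report describes;
    a partial or wrong download shows up as a mismatch on every algorithm.
    """
    mismatched = {}
    for name, want in expected.items():
        got = hashlib.new(name, data).hexdigest()
        if got != want:
            mismatched[name] = got
    return mismatched


# Constructed conn.log excerpt for the example (not from the report).
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1623700001.10\tC1a2b3\t10.0.0.15\t49211\t128.199.200.38\t443\ttcp",
    "1623700002.40\tC4d5e6\t10.0.0.15\t49212\t128.199.200.38\t80\ttcp",
    "1623700003.70\tC7f8g9\t10.0.0.15\t49213\t43.229.206.244\t4125\ttcp",
    "1623700004.90\tCabcde\t10.0.0.22\t51000\t93.184.216.34\t443\ttcp",
]


def run_hunt():
    """Convenience entry point: hits from the constructed log."""
    return hunt_conn_log(SAMPLE_CONN_LOG, parse_c2(C2))


if __name__ == "__main__":
    for rule in suricata_rules(parse_c2(C2)):
        print(rule)
    for hit in run_hunt():
        print("C2 hit:", hit)
```

On real data, feed hunt_conn_log() the lines of a conn.log and verify_sample() the bytes of the file you intend to analyse; anything in the returned mismatch dict means you do not have the sample this report describes.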

Targets

    • Target

      156315bf99b00b5324e64a9da2ea44c75627b6392d6b5867b46364d89e7445c9

    • Size

      170KB

    • MD5

      6d4d7742d8990739f55501299ae4eed5

    • SHA1

      225f2d6906a806f3f1b87e66343884af942e728b

    • SHA256

      156315bf99b00b5324e64a9da2ea44c75627b6392d6b5867b46364d89e7445c9

    • SHA512

      29cbc8c666408dc8dd72db43e2abb580fdb76e56f6e592317b905fc51cac3590cc52c5bfa67ce527db834154a0bf4dc7caf1391d65c82c7dc1a8809a4154605d

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks