General

  • Target

    df05209f1bd72adbcbc35fc68b98cd5b03d522a9132e2342c8d256140bb1c907

  • Size

    170KB

  • Sample

    210615-3vvjykwx26

  • MD5

    af3a88b8eea564ef53b28a2ddd2eb71e

  • SHA1

    01ecc19b8ba2d2d88655b695f47244f5c00856d3

  • SHA256

    df05209f1bd72adbcbc35fc68b98cd5b03d522a9132e2342c8d256140bb1c907

  • SHA512

    cb2200389b8b3e37e356eab9d1bd563d28cf76082d795cc09a64eee67ecdee3de7984492737f08908461e738722a7b189c60b37824e4ae1d7dab7ec5a2d2ddc5

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      df05209f1bd72adbcbc35fc68b98cd5b03d522a9132e2342c8d256140bb1c907

    • Size

      170KB

    • MD5

      af3a88b8eea564ef53b28a2ddd2eb71e

    • SHA1

      01ecc19b8ba2d2d88655b695f47244f5c00856d3

    • SHA256

      df05209f1bd72adbcbc35fc68b98cd5b03d522a9132e2342c8d256140bb1c907

    • SHA512

      cb2200389b8b3e37e356eab9d1bd563d28cf76082d795cc09a64eee67ecdee3de7984492737f08908461e738722a7b189c60b37824e4ae1d7dab7ec5a2d2ddc5

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.
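Added example (not part of the sandbox report, the Triage platform or Dridex itself): a Python script that turns the report's fields into something an analyst can act on. It cross-checks a local copy of the sample against the four digests listed above before any work starts, parses the extracted C2 list into validated ip:port pairs and emits one Suricata rule per C2 for outbound beaconing, and implements plain RC4 so that captured C2 traffic can be decrypted once the rc4.plain key is known. The SID base, rule message text and the `C2`/`verify_hashes` helper names are my choices, not the report's; the rc4.plain key value is not shown on this page, so none is hard-coded, and the RC4 demo key and message in the `__main__` block are constructed test data, not Dridex material.

```python
"""IOC helpers for a Triage-style extracted Dridex config (added example)."""
import hashlib
import ipaddress
import re
from dataclasses import dataclass

# Values copied from the report above. The rc4.plain key itself is not shown
# on the page, so no key is hard-coded here.
REPORT_HASHES = {
    "md5": "af3a88b8eea564ef53b28a2ddd2eb71e",
    "sha1": "01ecc19b8ba2d2d88655b695f47244f5c00856d3",
    "sha256": "df05209f1bd72adbcbc35fc68b98cd5b03d522a9132e2342c8d256140bb1c907",
    "sha512": "cb2200389b8b3e37e356eab9d1bd563d28cf76082d795cc09a64eee67ecdee3d"
              "e7984492737f08908461e738722a7b189c60b37824e4ae1d7dab7ec5a2d2ddc5",
}
REPORT_C2 = ["128.199.200.38:443", "192.163.233.216:6601", "43.229.206.244:4125"]
BOTNET = "40112"


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Return {algo: (expected, actual)} for every digest that does not match.

    An empty dict means the local file is the sample this report describes;
    analysing a different file against this config would be wasted work.
    """
    mismatches = {}
    for algo, want in expected.items():
        got = hashlib.new(algo, data).hexdigest()
        if got != want.lower():
            mismatches[algo] = (want.lower(), got)
    return mismatches


@dataclass(frozen=True)
class C2:
    host: str
    port: int


_C2_RE = re.compile(r"^(?P<host>[^:\s]+):(?P<port>\d{1,5})$")


def parse_c2(entry: str) -> C2:
    """Parse an 'ip:port' entry as listed in the config; reject anything malformed."""
    m = _C2_RE.match(entry.strip())
    if not m:
        raise ValueError(f"not an ip:port entry: {entry!r}")
    host = str(ipaddress.ip_address(m["host"]))  # raises ValueError on non-IP hosts
    port = int(m["port"])
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {entry!r}")
    return C2(host, port)


def suricata_rules(entries: list, botnet: str, sid_base: int = 9000000) -> list:
    """One outbound rule per C2 pair. sid_base and msg wording are my choice (hypothetical)."""
    rules = []
    for n, c2 in enumerate(parse_c2(e) for e in entries):
        rules.append(
            f'alert tcp $HOME_NET any -> {c2.host} {c2.port} '
            f'(msg:"Dridex botnet {botnet} C2 beacon to {c2.host}:{c2.port}"; '
            f'flow:established,to_server; classtype:trojan-activity; '
            f'sid:{sid_base + n}; rev:1;)'
        )
    return rules


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); encryption and decryption are the same operation."""
    if not key:
        raise ValueError("RC4 key must not be empty")
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # pseudo-random generation, XOR keystream
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                     # optional: path to the local sample
        with open(sys.argv[1], "rb") as fh:
            bad = verify_hashes(fh.read(), REPORT_HASHES)
        print("hash check:", "OK" if not bad else bad)
    print("\n".join(suricata_rules(REPORT_C2, BOTNET)))
    # Constructed demo key/message (not a Dridex key): shows the RC4 round trip.
    demo = rc4(b"Key", b"Plaintext")
    print(demo.hex(), rc4(b"Key", demo))
```

Run it with the path to your copy of the sample as the first argument; a non-empty hash mismatch dict means you are not looking at the file the report analysed. The Suricata rules key on destination IP and port only, which is the right starting point here because the report records raw IPs rather than hostnames; the port 443 entry will not be TLS-decrypted by a sensor, so the rule fires on the connection itself, not its content.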

MITRE ATT&CK Matrix

Tasks