General

  • Target

    290f0951bcc2bac169e0218bdebbf7e1669e024ad3c09ce049783cfda1aac047

  • Size

    172KB

  • Sample

    210615-49kbrvtxjs

  • MD5

    f4d2e3f3d7c9669c151b98cc0b8a7f70

  • SHA1

    83a74ab64cdef808b21993473386c68874066807

  • SHA256

    290f0951bcc2bac169e0218bdebbf7e1669e024ad3c09ce049783cfda1aac047

  • SHA512

    277bfe53b5f8d94fed0a69f502d62780ac1a631bb3d111a971762e65318175f9bddfeea3f5ca2a87440a805f780bdff840460f05f41500654312a3dff55eac74

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks