General

  • Target

    2c19852a04f0a047bb69e9b1471cca3ac2be28bbd780388f181960d150ad6fa6

  • Size

    172KB

  • Sample

    210615-4bc54csmc6

  • MD5

    1c82d5668d364313d75ce037f2d2ae3d

  • SHA1

    1220b90783590569b2f0234b8e483c25b29ccffa

  • SHA256

    2c19852a04f0a047bb69e9b1471cca3ac2be28bbd780388f181960d150ad6fa6

  • SHA512

    f88d98205b2ed4c9b05bb86ac67672781f36ed7126c3b8a78f354dbaaaa60f9d7cf1fa831c820592870dfbe57dcf696e7dbf24e85ca568fb8c6520d8f3563a2b

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks