General

  • Target

    3d7b4ac131c7674b1c3f364312474336e2e4174249705f83fd6ff46f7a9e569a

  • Size

    172KB

  • Sample

    210615-4mn7r7e4h6

  • MD5

    e6afaabc2fe4f03f701f32facf424016

  • SHA1

    90ff98695f528c7cc2cda3fca61c1d90403eba02

  • SHA256

    3d7b4ac131c7674b1c3f364312474336e2e4174249705f83fd6ff46f7a9e569a

  • SHA512

    5ddea381cf3bcbf6a84ec4fdd3052a467135aaf44baba2f8500b5a98a005ef53d779b127afc614fdb9412b4888c5fcf0db62d430da3c3a613b2c0c8772b5e3e2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks