General

  • Target

    f66ad93c33879f80dcae82a299b409d4e04ead679b3ca5c1b9ee9b1b658657ac

  • Size

    172KB

  • Sample

    210615-4qrmdbqd3x

  • MD5

    b54e7882815b04ba90b6c7c6a3f1b5f4

  • SHA1

    389bcf0d115fd525d331b59c00e263eae18d24d6

  • SHA256

    f66ad93c33879f80dcae82a299b409d4e04ead679b3ca5c1b9ee9b1b658657ac

  • SHA512

    487f4e69324e8bfa46a3fdb16faee3c9bf4dfaab1d311a1b1dd72c0f73739c96ff2b1adb820559b880ec97e0410d0ff30ee24b1902118e5656ce2e39f8d9e90f

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    210.65.244.187:443

    162.241.41.92:2303

    46.231.204.10:8172

    185.183.159.100:4125

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
