General

  • Target

    5bffbde2b171f29454dec4a6633db6f09d551bca5c265f8903fae56b93b1b523

  • Size

    170KB

  • Sample

    210615-5glbhcq7xj

  • MD5

    dcd54490066708a1e0ce662aee432da4

  • SHA1

    b62cd3765e03926a773d2ca1a4eccca76b4eecca

  • SHA256

    5bffbde2b171f29454dec4a6633db6f09d551bca5c265f8903fae56b93b1b523

  • SHA512

    e97f798fbe71d7c1ab3c5006d377dc420a15a216e47b92c75ad6ba49be048a227b76510bd09cdc807cf73f7bc7843967f3d931cad6c09f476f041f17e5f8d864

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
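The extracted config above (family, botnet ID and three ip:port C2 endpoints) is what an analyst turns into hunting logic. The following Python is an added example, not part of the Triage report or any Dridex tooling: it validates the C2 entries, matches them against log lines, and checks a file against the reported digests. The C2 list, botnet ID and hashes are copied from this report; the proxy/netflow-style log format and the log lines themselves are constructed for illustration.

```python
"""Turn the extracted Dridex config into hunting checks (added example)."""
import hashlib
import ipaddress
import re

# Values copied from the report's "Malware Config" and "General" sections.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "128.199.200.38:443",
        "192.163.233.216:6601",
        "43.229.206.244:4125",
    ],
}
SAMPLE_HASHES = {
    "md5": "dcd54490066708a1e0ce662aee432da4",
    "sha1": "b62cd3765e03926a773d2ca1a4eccca76b4eecca",
    "sha256": "5bffbde2b171f29454dec4a6633db6f09d551bca5c265f8903fae56b93b1b523",
}


def parse_c2(entries):
    """Validate 'ip:port' strings and return a set of (ip, port) tuples.

    Sandbox output gets copy-pasted; a malformed entry should fail loudly
    rather than silently produce a rule that matches nothing."""
    parsed = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on junk
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        parsed.add((str(ip), port))
    return parsed


# Constructed log lines (not real traffic) in a simple proxy/netflow-style
# format: timestamp src_ip dst_ip dst_port bytes
SAMPLE_LOG = """\
2021-06-15T05:10:01Z 10.0.0.15 142.250.74.78 443 5120
2021-06-15T05:10:07Z 10.0.0.15 128.199.200.38 443 2300
2021-06-15T05:10:09Z 10.0.0.15 128.199.200.38 80 900
2021-06-15T05:11:30Z 10.0.0.22 192.163.233.216 6601 1800
2021-06-15T05:12:00Z 10.0.0.22 43.229.206.244 4126 700
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\d+) (\d+)$")


def _iter_log(log_text):
    """Yield (timestamp, src_ip, dst_ip, dst_port) for each well-formed line."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            ts, src, dst, port, _ = m.groups()
            yield ts, src, dst, int(port)


def find_c2_hits(log_text, c2_set):
    """High-confidence hits: destination IP and port both match the config."""
    return [rec for rec in _iter_log(log_text) if (rec[2], rec[3]) in c2_set]


def find_c2_ip_only(log_text, c2_set):
    """Lower-confidence matches for triage: destination IP is a known C2
    but the port differs from the extracted config."""
    c2_ips = {ip for ip, _ in c2_set}
    return [
        rec for rec in _iter_log(log_text)
        if rec[2] in c2_ips and (rec[2], rec[3]) not in c2_set
    ]


def matches_sample(data: bytes) -> bool:
    """True only if a file's MD5, SHA1 and SHA256 all agree with the report,
    so a single stale or mistyped hash in a feed cannot mislead."""
    return (
        hashlib.md5(data).hexdigest() == SAMPLE_HASHES["md5"]
        and hashlib.sha1(data).hexdigest() == SAMPLE_HASHES["sha1"]
        and hashlib.sha256(data).hexdigest() == SAMPLE_HASHES["sha256"]
    )


if __name__ == "__main__":
    c2 = parse_c2(DRIDEX_CONFIG["c2"])
    for hit in find_c2_hits(SAMPLE_LOG, c2):
        print("C2 hit (dridex botnet %s):" % DRIDEX_CONFIG["botnet"], *hit)
    for weak in find_c2_ip_only(SAMPLE_LOG, c2):
        print("C2 IP on unexpected port:", *weak)
```

Matching on IP and port together keeps the hit list tied to the extracted config; the ip-only pass exists because Dridex C2 ports are configuration, not protocol, and a node seen on another port is still worth a look.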

Targets

    • Target

      5bffbde2b171f29454dec4a6633db6f09d551bca5c265f8903fae56b93b1b523

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, in both its x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks