General

  • Target

    b129eee829fdbc32e5927fa7a00cf8f2eef1f0df7d4d853d08a1583f15a6d4a0

  • Size

    172KB

  • Sample

    210615-5krb42kpne

  • MD5

    21522de12f3a47a783414408afcd8bac

  • SHA1

    9c63fe166153713f5ebe8a6994887bb631c09d3f

  • SHA256

    b129eee829fdbc32e5927fa7a00cf8f2eef1f0df7d4d853d08a1583f15a6d4a0

  • SHA512

    1ea093a25ac7211664db41c64831ec3ef679ac070fc2aa977afe5f0a989ecf5ce78dec14b612fd5c59185ff6e8399a76908bb830ffe7a49fc4296a02340cbd96

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      b129eee829fdbc32e5927fa7a00cf8f2eef1f0df7d4d853d08a1583f15a6d4a0

    • Size

      172KB

    • MD5

      21522de12f3a47a783414408afcd8bac

    • SHA1

      9c63fe166153713f5ebe8a6994887bb631c09d3f

    • SHA256

      b129eee829fdbc32e5927fa7a00cf8f2eef1f0df7d4d853d08a1583f15a6d4a0

    • SHA512

      1ea093a25ac7211664db41c64831ec3ef679ac070fc2aa977afe5f0a989ecf5ce78dec14b612fd5c59185ff6e8399a76908bb830ffe7a49fc4296a02340cbd96

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks