General

  • Target

    fdc32cbe8167d0607746e49a3caae0f8b1e3e4c30314a2c2dc0d279de230939a

  • Size

    172KB

  • Sample

    210615-5skngwjrga

  • MD5

    492b48d2123086e10e7e98f4fa2b7588

  • SHA1

    2c7294744901e8beef606ff6ec69e6099c0dac78

  • SHA256

    fdc32cbe8167d0607746e49a3caae0f8b1e3e4c30314a2c2dc0d279de230939a

  • SHA512

    a69906b0ee348932a88e6b3fef455ef6151927e7bec67eede565f7c20386b5597964e13b7e472dfd382cc863960a521ea2176fe7de0f64c2001396616e2a72b3

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain
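Added example, not part of the sandbox report or of any Triage tooling: the four C2 endpoints extracted above turned into Suricata-style rules and matched against constructed Zeek-style connection records. The SID range (9000000), the tab-separated log layout and the sample records are assumptions made for the example; the high/medium confidence split (exact IP:port from the config versus the same IP on another port) is a hunting heuristic, not something the extracted config states.

```python
import ipaddress

# C2 endpoints exactly as extracted in the report for botnet 40112.
DRIDEX_C2 = {
    ("210.65.244.187", 443),
    ("162.241.41.92", 2303),
    ("46.231.204.10", 8172),
    ("185.183.159.100", 4125),
}
BOTNET_ID = "40112"


def suricata_rules(c2=DRIDEX_C2, sid_base=9000000, botnet=BOTNET_ID):
    """One rule per IP:port pair, sorted by address so SIDs are stable.
    sid_base is a hypothetical local SID range; use whatever your ruleset
    reserves for custom rules. Non-global addresses are rejected so a
    mis-parsed config cannot produce a rule that fires on internal traffic."""
    ordered = sorted(c2, key=lambda e: (ipaddress.ip_address(e[0]), e[1]))
    rules = []
    for i, (ip, port) in enumerate(ordered):
        if not ipaddress.ip_address(ip).is_global:
            raise ValueError(f"{ip} is not globally routable; refusing to emit a rule")
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {botnet} C2 {ip}:{port}"; '
            f"flow:to_server,established; classtype:trojan-activity; "
            f"sid:{sid_base + i}; rev:1;)"
        )
    return rules


def parse_flow(line):
    """Parse one constructed Zeek-style conn record:
    ts, src, sport, dst, dport, proto (tab-separated).
    Returns None for comment lines and malformed records."""
    if not line.strip() or line.startswith("#"):
        return None
    fields = line.rstrip("\n").split("\t")
    if len(fields) != 6:
        return None
    ts, src, _sport, dst, dport, proto = fields
    try:
        return {"ts": ts, "src": src, "dst": dst, "dport": int(dport), "proto": proto}
    except ValueError:
        return None


def match_flows(lines, c2=DRIDEX_C2):
    """Return hits with a confidence label (heuristic, assumed for the example):
    'high' for an exact IP:port pair from the config, 'medium' for the same IP
    on a different port, so a port change on the operator side is still surfaced."""
    ips = {ip for ip, _ in c2}
    hits = []
    for line in lines:
        rec = parse_flow(line)
        if rec is None or rec["proto"] != "tcp":
            continue
        if (rec["dst"], rec["dport"]) in c2:
            hits.append({**rec, "confidence": "high"})
        elif rec["dst"] in ips:
            hits.append({**rec, "confidence": "medium"})
    return hits


# Constructed sample records (not taken from the report): two exact C2 contacts,
# one C2 address on a port not in the config, one benign connection, one
# malformed line, plus a Zeek-style header comment.
SAMPLE_FLOWS = [
    "#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1623700001.1\t10.0.0.15\t51234\t210.65.244.187\t443\ttcp",
    "1623700002.2\t10.0.0.15\t51235\t185.183.159.100\t4125\ttcp",
    "1623700003.3\t10.0.0.22\t51236\t162.241.41.92\t443\ttcp",
    "1623700004.4\t10.0.0.22\t51237\t93.184.216.34\t443\ttcp",
    "garbage line",
]

if __name__ == "__main__":
    for rule in suricata_rules():
        print(rule)
    for hit in match_flows(SAMPLE_FLOWS):
        print(hit["confidence"], hit["src"], "->", hit["dst"], hit["dport"])
```

Note that all four C2 addresses are plain IPs, so there is nothing to resolve; block at the egress firewall on the exact IP:port pairs, and keep the IP-only ("medium") matches for hunting rather than for automatic blocking, since a shared hosting address may also serve legitimate traffic.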

Targets

    • Target

      fdc32cbe8167d0607746e49a3caae0f8b1e3e4c30314a2c2dc0d279de230939a


    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.
