General

  • Target

    c853822f2d4c30a1d6749ff461d71c8ba7c3d08f397a5ac47e61def1033458bc

  • Size

    172KB

  • Sample

    210615-5zqtexch4s

  • MD5

    bfff8be4d3563c8622bb54eecb2d60c1

  • SHA1

    09bc3a88a8dc53d4857a95cc9582246ab7fba659

  • SHA256

    c853822f2d4c30a1d6749ff461d71c8ba7c3d08f397a5ac47e61def1033458bc

  • SHA512

    ba466009049edf29a4d54b78091ad52c3865086fca1b7f90200efa74e3d81f78ddcc0fff7b68e7e0c079aea1f59bc3debcfd4560ef21dc98bdf0521232333eb2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      c853822f2d4c30a1d6749ff461d71c8ba7c3d08f397a5ac47e61def1033458bc

    • Size

      172KB

    • MD5

      bfff8be4d3563c8622bb54eecb2d60c1

    • SHA1

      09bc3a88a8dc53d4857a95cc9582246ab7fba659

    • SHA256

      c853822f2d4c30a1d6749ff461d71c8ba7c3d08f397a5ac47e61def1033458bc

    • SHA512

      ba466009049edf29a4d54b78091ad52c3865086fca1b7f90200efa74e3d81f78ddcc0fff7b68e7e0c079aea1f59bc3debcfd4560ef21dc98bdf0521232333eb2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
