General

  • Target

    28d958eef756024ff059deba1d0686edc9c2f018275c052f0d2487f06053f253

  • Size

    172KB

  • Sample

    210615-65fpnys57a

  • MD5

    ae105e40b1b5f66f6480c93a9b3e1b63

  • SHA1

    0c6fc8401aaef3a5441c2f943c6769fc535447e6

  • SHA256

    28d958eef756024ff059deba1d0686edc9c2f018275c052f0d2487f06053f253

  • SHA512

    ed151f9b2530d8101a8092b3e527844ece057c44916bf5d597559a0d57b1233018bff8290efc2c140c4727d686cbc1d90c6afbad91ea37f8ad775dc2ad842488

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      28d958eef756024ff059deba1d0686edc9c2f018275c052f0d2487f06053f253

    • Size

      172KB

    • MD5

      ae105e40b1b5f66f6480c93a9b3e1b63

    • SHA1

      0c6fc8401aaef3a5441c2f943c6769fc535447e6

    • SHA256

      28d958eef756024ff059deba1d0686edc9c2f018275c052f0d2487f06053f253

    • SHA512

      ed151f9b2530d8101a8092b3e527844ece057c44916bf5d597559a0d57b1233018bff8290efc2c140c4727d686cbc1d90c6afbad91ea37f8ad775dc2ad842488

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks