General

  • Target

    08b63ba485a6e897d0a998395feb8ea250e30245ac7ccb2668d16780735ea111

  • Size

    172KB

  • Sample

    210615-6ehrq41rhs

  • MD5

    e00bd10537a117f4a5e30c34e4f6011e

  • SHA1

    96f01556daa0ce82733fdf94fbcb88f568f2d2b8

  • SHA256

    08b63ba485a6e897d0a998395feb8ea250e30245ac7ccb2668d16780735ea111

  • SHA512

    5471ca765fde54d1af4dfb0282832a9eb1abdacf0e01069c9e2745254c1d693fb665497d137730177583940d64a77d0631466cb5e9a5a2810fee35d67cb2c81a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      08b63ba485a6e897d0a998395feb8ea250e30245ac7ccb2668d16780735ea111

    • Size

      172KB

    • MD5

      e00bd10537a117f4a5e30c34e4f6011e

    • SHA1

      96f01556daa0ce82733fdf94fbcb88f568f2d2b8

    • SHA256

      08b63ba485a6e897d0a998395feb8ea250e30245ac7ccb2668d16780735ea111

    • SHA512

      5471ca765fde54d1af4dfb0282832a9eb1abdacf0e01069c9e2745254c1d693fb665497d137730177583940d64a77d0631466cb5e9a5a2810fee35d67cb2c81a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks