General

  • Target

    e1a8cf50e304d1920b37a97045b33c327f6829dd033f75bb63aca220f3265d3d

  • Size

    170KB

  • Sample

    210615-6g4v6qjl2j

  • MD5

    6f3ec7b94f79bfdc485a8e0b1d050d6e

  • SHA1

    22f1eac493e001cfbd597a77b303bf3e9a5583ac

  • SHA256

    e1a8cf50e304d1920b37a97045b33c327f6829dd033f75bb63aca220f3265d3d

  • SHA512

    0218df76937b9c1c9d62a0663f90649e1f8c3ff7e0eacd4a8dab826ee2b5dd22a5a4bbeaab06deed51eeda13f63b06534b6ebd6b1cf50e312a9135ced1a2db44

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

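The extracted configuration above (three C2 sockets, botnet ID 40112) and the hash table are enough to turn this report into detections. The Python below is an added example, not part of the sandbox report: it embeds the report's C2 sockets, botnet ID and file digests, matches them against constructed Zeek-style conn.log lines, compares a file's digests against the sample, and emits Suricata rules. The conn.log column layout, the log lines, the file contents and the sid range are assumptions.

```python
"""IOC matcher built from the extracted Dridex config on this page.

Added example, not part of the sandbox report. C2 sockets, botnet ID and
digests are copied from the report; log lines, file bytes and sids are
constructed/assumed.
"""
import hashlib

# Indicators copied from the report's extracted config and hash table.
DRIDEX_BOTNET = "40112"
DRIDEX_C2 = {
    ("128.199.200.38", 443),
    ("192.163.233.216", 6601),
    ("43.229.206.244", 4125),
}
SAMPLE_HASHES = {
    "md5": "6f3ec7b94f79bfdc485a8e0b1d050d6e",
    "sha1": "22f1eac493e001cfbd597a77b303bf3e9a5583ac",
    "sha256": "e1a8cf50e304d1920b37a97045b33c327f6829dd033f75bb63aca220f3265d3d",
}

# Constructed Zeek-style conn.log lines (assumed column order:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto).
CONSTRUCTED_CONN_LOG = """\
1623744000.1\tCk1\t10.0.0.5\t49712\t128.199.200.38\t443\ttcp
1623744001.2\tCk2\t10.0.0.5\t49713\t8.8.8.8\t53\tudp
1623744002.3\tCk3\t10.0.0.7\t49714\t192.163.233.216\t6601\ttcp
1623744003.4\tCk4\t10.0.0.7\t49715\t43.229.206.244\t80\ttcp
"""


def parse_conn_line(line):
    """Split one tab-separated conn.log line into a dict; None if malformed."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    ts, uid, src, _sport, dst, dport, proto = fields[:7]
    try:
        dport = int(dport)
    except ValueError:  # Zeek writes "-" for unset ports
        return None
    return {"ts": ts, "uid": uid, "src": src, "dst": dst, "dport": dport, "proto": proto}


def match_c2(log_text, strict_port=True):
    """Return (src, dst, dport) for connections to a known Dridex C2.

    strict_port=True matches the exact ip:port pair from the config;
    False matches on the C2 address alone (noisier, useful for hunting).
    """
    c2_ips = {ip for ip, _ in DRIDEX_C2}
    hits = []
    for line in log_text.splitlines():
        rec = parse_conn_line(line)
        if rec is None:
            continue
        key = (rec["dst"], rec["dport"])
        if (strict_port and key in DRIDEX_C2) or (not strict_port and rec["dst"] in c2_ips):
            hits.append((rec["src"], rec["dst"], rec["dport"]))
    return hits


def validate_hash_set(hashes):
    """Sanity-check that each digest is lowercase hex of the expected length."""
    expected_len = {"md5": 32, "sha1": 40, "sha256": 64}
    for alg, length in expected_len.items():
        value = hashes.get(alg, "")
        if len(value) != length or any(c not in "0123456789abcdef" for c in value):
            return False
    return True


def hash_bytes(data):
    """MD5/SHA1/SHA256 of a byte string, in the same key layout as the report."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def matches_sample(data):
    """True only if all three digests agree with the report's sample."""
    digests = hash_bytes(data)
    return all(digests[alg] == SAMPLE_HASHES[alg] for alg in SAMPLE_HASHES)


def suricata_rules(sid_base=9000001):
    """One alert rule per C2 socket; sid_base is an assumed local-rules range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(DRIDEX_C2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {DRIDEX_BOTNET} C2 {ip}:{port}"; '
            f'flow:to_server; sid:{sid_base + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in match_c2(CONSTRUCTED_CONN_LOG):
        print("C2 contact:", hit)
    print("\n".join(suricata_rules()))
```

Exact socket matching is the right default for a sandbox-extracted config: the fourth constructed line goes to a C2 address on port 80, which the config does not list, so it only surfaces with strict_port=False. The digests let a responder confirm that a file recovered from a host is this sample rather than another build from the same botnet.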
Targets

    • Target

      e1a8cf50e304d1920b37a97045b33c327f6829dd033f75bb63aca220f3265d3d

    • Size

      170KB

    • MD5

      6f3ec7b94f79bfdc485a8e0b1d050d6e

    • SHA1

      22f1eac493e001cfbd597a77b303bf3e9a5583ac

    • SHA256

      e1a8cf50e304d1920b37a97045b33c327f6829dd033f75bb63aca220f3265d3d

    • SHA512

      0218df76937b9c1c9d62a0663f90649e1f8c3ff7e0eacd4a8dab826ee2b5dd22a5a4bbeaab06deed51eeda13f63b06534b6ebd6b1cf50e312a9135ced1a2db44

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks