General

  • Target

    b86fed6d168f0e7a0f37b44537425fdeba5b1fa784968daecd3c15f3a0ae1dae

  • Size

    172KB

  • Sample

    210615-6v6kjnw9ax

  • MD5

    339065327761a07d067694a035f95d73

  • SHA1

    6f66ea2f7e40132748838bf96dac9b6e81662971

  • SHA256

    b86fed6d168f0e7a0f37b44537425fdeba5b1fa784968daecd3c15f3a0ae1dae

  • SHA512

    188d743b0af27f763198e514b4d306ce0a8b92c6316b036c4134007306d2b38dba379f7ce7e61d0399acc40d934d46b68211e2a9f10d96ee1dd1ec6ead43e873

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain
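The extracted config above is only useful once it is turned into something a network sensor or a log search can consume. The following Python is an added example, not part of the sandbox report or the Triage tooling: it parses the four C2 endpoints and the botnet ID listed above, emits one Suricata rule per endpoint, and checks constructed Zeek-style conn.log lines against the C2 set. The rule SIDs, the HOME_NET variable, and the sample log lines are assumptions for illustration.

```python
"""Turn the extracted Dridex config into network IOCs and check connection logs.

Added example; the config values are copied from the sandbox report above,
everything else (SIDs, log lines, field layout) is an assumption.
"""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# Values copied from the extracted config on this page.
BOTNET_ID = "40112"
C2_ENDPOINTS = [
    "210.65.244.187:443",
    "162.241.41.92:2303",
    "46.231.204.10:8172",
    "185.183.159.100:4125",
]


@dataclass(frozen=True)
class Endpoint:
    ip: str
    port: int


def parse_endpoints(entries: Iterable[str]) -> List[Endpoint]:
    """Parse 'ip:port' strings, rejecting anything that is not a valid IP/port."""
    out = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"missing port in {entry!r}")
        ipaddress.ip_address(host)  # raises ValueError on a malformed address
        port_num = int(port)
        if not 0 < port_num < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append(Endpoint(host, port_num))
    return out


def suricata_rules(endpoints: List[Endpoint], sid_base: int = 9000000) -> List[str]:
    """One outbound TCP alert per C2 endpoint; sid_base is an assumed local SID range."""
    rules = []
    for i, ep in enumerate(endpoints):
        rules.append(
            f"alert tcp $HOME_NET any -> {ep.ip} {ep.port} "
            f'(msg:"Dridex botnet {BOTNET_ID} C2 {ep.ip}:{ep.port}"; '
            f"flow:to_server; sid:{sid_base + i}; rev:1;)"
        )
    return rules


def find_c2_connections(
    conn_log_lines: Iterable[str], endpoints: List[Endpoint]
) -> List[Tuple[str, str, Tuple[str, int]]]:
    """Match Zeek-style conn.log TSV lines (ts uid orig_h orig_p resp_h resp_p ...)
    against the C2 set on (resp_h, resp_p). Returns (ts, orig_h, (resp_h, resp_p))."""
    wanted = {(ep.ip, ep.port) for ep in endpoints}
    hits = []
    for line in conn_log_lines:
        if not line or line.startswith("#"):  # skip Zeek header/comment lines
            continue
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 6:
            continue
        resp = (fields[4], int(fields[5]))
        if resp in wanted:
            hits.append((fields[0], fields[2], resp))
    return hits


# Constructed sample log (not from the page): one benign HTTPS connection, two C2
# beacons, and one connection to a C2 IP on a port the config does not list.
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p",
    "1623772800.123\tCabc1\t10.0.0.15\t49812\t93.184.216.34\t443",
    "1623772805.456\tCabc2\t10.0.0.15\t49813\t210.65.244.187\t443",
    "1623772810.789\tCabc3\t10.0.0.22\t51020\t185.183.159.100\t4125",
    "1623772815.000\tCabc4\t10.0.0.22\t51021\t185.183.159.100\t443",
]


if __name__ == "__main__":
    eps = parse_endpoints(C2_ENDPOINTS)
    for rule in suricata_rules(eps):
        print(rule)
    for ts, src, dst in find_c2_connections(SAMPLE_CONN_LOG, eps):
        print(f"{ts} {src} -> {dst[0]}:{dst[1]}")
```

Matching is on IP and port because Dridex configs carry explicit ports; the last constructed log line (a listed C2 IP on an unlisted port) deliberately does not match. If you expect port rotation, loosen the match to IP only and accept the extra false positives, and treat the report's hashes rather than the C2 list as the long-lived identifier for this sample.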

Targets

    • Target

      b86fed6d168f0e7a0f37b44537425fdeba5b1fa784968daecd3c15f3a0ae1dae

    • Size

      172KB

    • MD5

      339065327761a07d067694a035f95d73

    • SHA1

      6f66ea2f7e40132748838bf96dac9b6e81662971

    • SHA256

      b86fed6d168f0e7a0f37b44537425fdeba5b1fa784968daecd3c15f3a0ae1dae

    • SHA512

      188d743b0af27f763198e514b4d306ce0a8b92c6316b036c4134007306d2b38dba379f7ce7e61d0399acc40d934d46b68211e2a9f10d96ee1dd1ec6ead43e873

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, in both its x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks