General

  • Target

    88867a16907e26d5e8c0ba0a72778890f1dea919d57b53a7511072c2c9a2eab8

  • Size

    170KB

  • Sample

    210615-746ebep58j

  • MD5

    0aa57ea6b1484d00d1eb858ed324f3f2

  • SHA1

    26cc7c0cb134d37ddd5c283339afef01796c1ecc

  • SHA256

    88867a16907e26d5e8c0ba0a72778890f1dea919d57b53a7511072c2c9a2eab8

  • SHA512

    32478a3009272be56880deeabfdcd785ae34eebdd6f19c67b3d2f339c60a00c1ea066bf47c06a572767b59662ded622ac1ebc5c0e388e43c39ed60fcc69ea846

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      88867a16907e26d5e8c0ba0a72778890f1dea919d57b53a7511072c2c9a2eab8

    • Size

      170KB

    • MD5

      0aa57ea6b1484d00d1eb858ed324f3f2

    • SHA1

      26cc7c0cb134d37ddd5c283339afef01796c1ecc

    • SHA256

      88867a16907e26d5e8c0ba0a72778890f1dea919d57b53a7511072c2c9a2eab8

    • SHA512

      32478a3009272be56880deeabfdcd785ae34eebdd6f19c67b3d2f339c60a00c1ea066bf47c06a572767b59662ded622ac1ebc5c0e388e43c39ed60fcc69ea846

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks