General

  • Target

    91086037b3404f602bb1ab023a4cacb6a8e541b7ea23c5fe7275a01d7add3fdd

  • Size

    170KB

  • Sample

    210615-7cnw59sdvx

  • MD5

    1a8b9fe40de5d5174d388bd3666a9f8b

  • SHA1

    149e9288c1462994ff5a268117c9df0cf275faf6

  • SHA256

    91086037b3404f602bb1ab023a4cacb6a8e541b7ea23c5fe7275a01d7add3fdd

  • SHA512

    8ba3fd1f0520d156d1a319b851674f1b032287ba226d5432fddb06af384361d4590bf7423836dc96009fef58657e5647bbb00f710852ed8705bddf6bae428acf

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks