General

  • Target

    6ee719844c554e7df396e0a583e89721727b14705da8b5675f38b11caf10e27b

  • Size

    170KB

  • Sample

    210615-7zlpz47jae

  • MD5

    9f98c6a275ba0d13b667434680579d52

  • SHA1

    8be374e0e6101681083ad0708f1e9aa0652af44f

  • SHA256

    6ee719844c554e7df396e0a583e89721727b14705da8b5675f38b11caf10e27b

  • SHA512

    ff7bd1f328a4e2a92feeef0d7eb65b82c08b7f2d565432160e608ff13e386939b4a27f0589555c373195a02f1aff0d4aed7aa89849eea44121efc34f439ac216

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks