General

  • Target

    5022b5e8bc0331772a667ea993cf479fd064ea7465c239f17bea325dacfaee9c

  • Size

    172KB

  • Sample

    210615-82canferfx

  • MD5

    4ff1e6a5be720ecc7a311cb8bea3e791

  • SHA1

    2fa13678647f9d9a175d50a67af5f3079ba55437

  • SHA256

    5022b5e8bc0331772a667ea993cf479fd064ea7465c239f17bea325dacfaee9c

  • SHA512

    2ad73fc55124be059329456d9f65b5dceda530f64c77b35a532d565131890c41f6ebaaf16912c8d3ea3701fa76d82f2494a1efa03605b0610f8258e57ecf4512

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks