General

  • Target

    bba46c25417732bd67a3193404e35da308d14b04d99cfb6930edf75ecba431cd

  • Size

    170KB

  • Sample

    210615-86fahgyysj

  • MD5

    e8d4b87f97958bb208c314076630b5fb

  • SHA1

    fdf31a287efaa2c115aaa7f3009224fed7c4dc58

  • SHA256

    bba46c25417732bd67a3193404e35da308d14b04d99cfb6930edf75ecba431cd

  • SHA512

    97869cd0ffc96740299102469ae15654f34c0dd7f3e17881647a2e710b56fd3b69abab6352574ee8457636cd48501822edde4fedacbcc6f4917112c0def3b622

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks