General

  • Target

    a73fdae3fdf91e47201398b92bcb78d9b3dd4acda44a34a8b827f53a119442c7

  • Size

    170KB

  • Sample

    210615-88szydgq2e

  • MD5

    0c76ddcf36967d6413151a56da277f5a

  • SHA1

    3e56be9918879850ab920019ace9be9508c80967

  • SHA256

    a73fdae3fdf91e47201398b92bcb78d9b3dd4acda44a34a8b827f53a119442c7

  • SHA512

    ac6c2215d8c6e5e391cf781e0661f61f1bf4138529829b8fc8b8cd27cd22bf46e5d859f0e2d58da150ab437999988da125d8b6d0f4e9eff7d10f49e72ab23654

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      a73fdae3fdf91e47201398b92bcb78d9b3dd4acda44a34a8b827f53a119442c7

    • Size

      170KB

    • MD5

      0c76ddcf36967d6413151a56da277f5a

    • SHA1

      3e56be9918879850ab920019ace9be9508c80967

    • SHA256

      a73fdae3fdf91e47201398b92bcb78d9b3dd4acda44a34a8b827f53a119442c7

    • SHA512

      ac6c2215d8c6e5e391cf781e0661f61f1bf4138529829b8fc8b8cd27cd22bf46e5d859f0e2d58da150ab437999988da125d8b6d0f4e9eff7d10f49e72ab23654

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks