General

  • Target

    514b0abe07dbefd83ee9edd28a24e5d613cd8d0fc6ba8dfe94f9ab45f5076a0a

  • Size

    170KB

  • Sample

    210615-8lnjqazejs

  • MD5

    a879abf0b30b651de78891672f2c84ac

  • SHA1

    edb7fe96c90751487862d7d6ffed482d8b9fa9a5

  • SHA256

    514b0abe07dbefd83ee9edd28a24e5d613cd8d0fc6ba8dfe94f9ab45f5076a0a

  • SHA512

    7e3af4f1fda979ece38e022625cf1c5802ff5beb727eba8a6a2132402875cb10c561506f1c512d7aef0742bf5585b54e545bcb8cb1f5f347b7f8d2e478240f17

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks