General

  • Target

    ef52e0074cf5c4a14c09a7d439473a04cd1a330f1fe5a80e0958703487daccef

  • Size

    170KB

  • Sample

    210615-8tmz83a8ax

  • MD5

    79e6cfd1873f40c03db255862d3c4a9b

  • SHA1

    a144112aedf464858802a963ed6f60d1f80d9bc9

  • SHA256

    ef52e0074cf5c4a14c09a7d439473a04cd1a330f1fe5a80e0958703487daccef

  • SHA512

    8d62df91a082ac191fac52d1d0ba19c01435001738a9385944f08ac4ef0bc44505357a31683b1029f05c867ef09843ea18fec11cde1d27a6e4d317379e0404a5

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      ef52e0074cf5c4a14c09a7d439473a04cd1a330f1fe5a80e0958703487daccef

    • Size

      170KB

    • MD5

      79e6cfd1873f40c03db255862d3c4a9b

    • SHA1

      a144112aedf464858802a963ed6f60d1f80d9bc9

    • SHA256

      ef52e0074cf5c4a14c09a7d439473a04cd1a330f1fe5a80e0958703487daccef

    • SHA512

      8d62df91a082ac191fac52d1d0ba19c01435001738a9385944f08ac4ef0bc44505357a31683b1029f05c867ef09843ea18fec11cde1d27a6e4d317379e0404a5

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks