General

  • Target

    f057b7a29849ed47967759b90e26ccc880e70765c31b8413492f80c3dfc6a986

  • Size

    170KB

  • Sample

    210615-8xsthn2832

  • MD5

    0df3b6aa7ab262b0542d30af34365830

  • SHA1

    4f686a9fc8ac217a4d34d32d4734536d57c6ba0e

  • SHA256

    f057b7a29849ed47967759b90e26ccc880e70765c31b8413492f80c3dfc6a986

  • SHA512

    3d6c660a09e6335fba114a9a68ead763d808120aa2d8c9178140d1efe89aff2091c5168f2a4ee2aba36da3dc8a33506fc65b5419c102c26a0d7c92cc4177c50c

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks