General

  • Target

    6bbc37e63b3d1e6a977c37661aef0b71fb60ef5cc4ae638d60cef447ddcd618e

  • Size

    170KB

  • Sample

    210615-9qe7jaxmf2

  • MD5

    ffc1a5abc1518579235f1459db518c94

  • SHA1

    9389ad578001578550a81b4b4021a9aa582e1e8e

  • SHA256

    6bbc37e63b3d1e6a977c37661aef0b71fb60ef5cc4ae638d60cef447ddcd618e

  • SHA512

    259fb630b9500783665a87521df2a7611efef647d4a218b1a5c2b728b0512d2e808bcdb468e2f3f1d4518df6ba844feb4712442d5a7d83c8ac2797f30081f5e2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      6bbc37e63b3d1e6a977c37661aef0b71fb60ef5cc4ae638d60cef447ddcd618e

    • Size

      170KB

    • MD5

      ffc1a5abc1518579235f1459db518c94

    • SHA1

      9389ad578001578550a81b4b4021a9aa582e1e8e

    • SHA256

      6bbc37e63b3d1e6a977c37661aef0b71fb60ef5cc4ae638d60cef447ddcd618e

    • SHA512

      259fb630b9500783665a87521df2a7611efef647d4a218b1a5c2b728b0512d2e808bcdb468e2f3f1d4518df6ba844feb4712442d5a7d83c8ac2797f30081f5e2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks