General

  • Target

    ad102effab7466a732b1b008c0cb1d894a0a77818f1994e78ca5a12951bfef9e

  • Size

    170KB

  • Sample

    210615-a8b846xbwn

  • MD5

    6da6bf47fffaca5f6ee0b0079661d5fd

  • SHA1

    9f8e8a3eb85de9e78f477511c391b1b122907ce4

  • SHA256

    ad102effab7466a732b1b008c0cb1d894a0a77818f1994e78ca5a12951bfef9e

  • SHA512

    8b4b3c2f525e8886349a85ac9795e9f00b8e634d58bb176354dbf6df32ac544fc3203e7bbdb92543979492d1c06fd12c320b65fe77c5d69ee2032a2d4b25cc3a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks