General

  • Target

    e81b5f4efc7140e0dd6c9d427b9c91b5d5a09771dca91a314007b7aaffbab5aa

  • Size

    170KB

  • Sample

    210615-ayj4vamfla

  • MD5

    edd717696297fc4628cec3b41d32be1b

  • SHA1

    fa6ced4efebb818da8b136ced852688ac914e01d

  • SHA256

    e81b5f4efc7140e0dd6c9d427b9c91b5d5a09771dca91a314007b7aaffbab5aa

  • SHA512

    4a6d234c8b130b08c2440cbab2dc59b3da8381bf43d758c2d7503a0e1c9beba7bd55292b12dc9e4978c6d03cb683bbfe4a9e25a4a15054854d4b441e7addde41

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks