General

  • Target

    e00855612106eb7f600eb431c192d9fc36c9101fd4707adf07674727cdc3c3ca

  • Size

    172KB

  • Sample

    210615-b5wmea8rkj

  • MD5

    ff2662a935097436da19523c9cba821a

  • SHA1

    2bc8ca7a7235a8b5e92d2075e3cf551294283147

  • SHA256

    e00855612106eb7f600eb431c192d9fc36c9101fd4707adf07674727cdc3c3ca

  • SHA512

    05b25e97035f4869f74d92a81fe4be54aa50aefd7654f2450314a5fa8642b642df31a3fced5d8a67d8a0694cba60272a7c9626a4d87d47d1eeaed7f7f3bf549d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
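
The extracted config above is the actionable part of this report: four C2 endpoints, three of them on non-standard ports, tied to botnet ID 40112. The script below is an added example (not part of the sandbox report and not the sandbox's own tooling) showing how a responder would turn that block into IOCs: it parses the config text as printed on the page, emits Suricata rules for each host:port pair, and sweeps firewall log lines for connections to them. The log lines, the CSV log format, the rule SIDs and the function names are all assumptions constructed for the example; only the config values come from the report. Note the `ip_only` bucket: a hit on a listed C2 address but a different port is reported separately rather than dropped, because an exact-tuple match alone would miss it.

```python
"""Turn the extracted Dridex config into network IOCs and sweep logs for them.

Added example: not part of the sandbox report. Config values are the ones
shown on the page; log lines, CSV format and SIDs are constructed here.
"""
from __future__ import annotations

import ipaddress
import re
from dataclasses import dataclass

# The extracted config block exactly as it appears in the report.
EXTRACTED_CONFIG = """\
Family
dridex
Botnet
40112
C2
210.65.244.187:443
162.241.41.92:2303
46.231.204.10:8172
185.183.159.100:4125
"""

# Constructed firewall log (assumed CSV: timestamp,src_ip,dst_ip,dst_port,action).
# Line 1 and 3 hit listed C2 tuples; line 4 hits a C2 IP on a different port.
FIREWALL_LOG = """\
2021-06-15T11:02:13Z,10.0.4.21,210.65.244.187,443,allow
2021-06-15T11:02:19Z,10.0.4.21,142.250.74.78,443,allow
2021-06-15T11:03:01Z,10.0.4.21,162.241.41.92,2303,allow
2021-06-15T11:03:44Z,10.0.7.9,185.183.159.100,443,deny
"""

C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_config(text: str) -> tuple[str, str, list[C2]]:
    """Return (family, botnet_id, c2 list) from the report's config block."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    family = botnet = ""
    c2s: list[C2] = []
    it = iter(lines)
    for ln in it:
        if ln == "Family":
            family = next(it)
        elif ln == "Botnet":
            botnet = next(it)
        else:
            m = C2_RE.match(ln)
            if m:
                ipaddress.ip_address(m.group(1))  # rejects a garbled address
                port = int(m.group(2))
                if not 0 < port < 65536:
                    raise ValueError(f"bad port in C2 entry: {ln}")
                c2s.append(C2(m.group(1), port))
    return family, botnet, c2s


def suricata_rules(family: str, botnet: str, c2s: list[C2],
                   base_sid: int = 9000000) -> list[str]:
    """One alert rule per C2 host:port (base_sid is an assumed local range)."""
    return [
        f'alert tcp $HOME_NET any -> {c.ip} {c.port} '
        f'(msg:"{family} botnet {botnet} C2 traffic"; flow:to_server; '
        f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        for i, c in enumerate(c2s)
    ]


def scan_log(log_text: str, c2s: list[C2]) -> dict[str, list[tuple]]:
    """Match log rows against C2 tuples; keep IP-only hits as a weaker bucket."""
    exact = {(c.ip, c.port) for c in c2s}
    ips = {c.ip for c in c2s}
    hits: dict[str, list[tuple]] = {"exact": [], "ip_only": []}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, action = line.split(",")
        row = (ts, src, f"{dst}:{dport}", action)
        if (dst, int(dport)) in exact:
            hits["exact"].append(row)
        elif dst in ips:
            hits["ip_only"].append(row)
    return hits


if __name__ == "__main__":
    fam, bot, c2_list = parse_config(EXTRACTED_CONFIG)
    print("\n".join(suricata_rules(fam, bot, c2_list)))
    for bucket, rows in scan_log(FIREWALL_LOG, c2_list).items():
        for row in rows:
            print(bucket, *row)
```

Feed the real proxy or firewall export in place of the constructed `FIREWALL_LOG`, and treat `ip_only` hits as leads to triage rather than confirmed beacons.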

Targets

    • Target

      e00855612106eb7f600eb431c192d9fc36c9101fd4707adf07674727cdc3c3ca

    • Size

      172KB

    • MD5

      ff2662a935097436da19523c9cba821a

    • SHA1

      2bc8ca7a7235a8b5e92d2075e3cf551294283147

    • SHA256

      e00855612106eb7f600eb431c192d9fc36c9101fd4707adf07674727cdc3c3ca

    • SHA512

      05b25e97035f4869f74d92a81fe4be54aa50aefd7654f2450314a5fa8642b642df31a3fced5d8a67d8a0694cba60272a7c9626a4d87d47d1eeaed7f7f3bf549d

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, in both its x86 and x64 builds, in process memory.
