General

  • Target

    00adcbef376536631e3f475b4b37b7a850f82b558cbb4cb2b0651b7780d0c5c7

  • Size

    170KB

  • Sample

    210615-bwqmm56kra

  • MD5

    48eaf2a30921a3afa19628f7fcf60d38

  • SHA1

    448f8c685478d26a71ee497b7a5863d1e121b387

  • SHA256

    00adcbef376536631e3f475b4b37b7a850f82b558cbb4cb2b0651b7780d0c5c7

  • SHA512

    63967315ab83141c50ad7ea754bc4972972fc39304fe6e3e199c2b367a0a6402ebd9e835d287f03b42c9935d599acf8b4e4cd6db87749dba45e0ce4e2249d70f

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.
