General

  • Target

    689f06eb7c3ae881dc6a5b28f814f4fd22266e4502168d21dbb17f9bea02d734

  • Size

    172KB

  • Sample

    210615-bzv6zfz7qa

  • MD5

    e0d6579352de0e6b139196e23089dc24

  • SHA1

    d14e142478b6a19df37d15ee827f76456969d7e3

  • SHA256

    689f06eb7c3ae881dc6a5b28f814f4fd22266e4502168d21dbb17f9bea02d734

  • SHA512

    38662b98b0bfb6ce8292f3f82600b00afab11c77f935662139818dd99147b27747aa16780bed52a743be9b8ba78a99c5709f1abba513d4890f2491065b474500

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain
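
The extracted config above is the part of this report a defender acts on. The following is an added example, not part of the sandbox report or of any tria.ge tooling: it takes the family, botnet ID and C2 list exactly as listed, emits one Suricata rule per C2 endpoint, and matches constructed Zeek conn.log-style flows against the ip:port pairs. The log lines, the rule SIDs (9000001 onward) and the host/uid values are constructed for the demonstration; the RC4 key fields are not used because their values are not present on the page.

```python
"""
Added example: turn the Dridex config extracted in the report into
detection artifacts and run them over constructed connection logs.
The C2 endpoints, botnet ID and family name are copied from the report;
SIDs, log lines and hosts are constructed for this demonstration.
"""
import ipaddress
from dataclasses import dataclass

# Values copied from the "Malware Config" section of the report.
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "210.65.244.187:443",
        "162.241.41.92:2303",
        "46.231.204.10:8172",
        "185.183.159.100:4125",
    ],
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int


def parse_c2(entries):
    """Parse 'ip:port' strings, validating the address and the port range."""
    out = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on a malformed IP
        p = int(port)
        if not 0 < p < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append(C2Endpoint(str(ip), p))
    return out


def suricata_rules(cfg, base_sid=9000001):
    """Emit one Suricata rule per C2 endpoint (SIDs are constructed, not official)."""
    rules = []
    for i, ep in enumerate(parse_c2(cfg["c2"])):
        msg = f"MALWARE Dridex botnet {cfg['botnet']} C2 connection"
        rules.append(
            f"alert tcp $HOME_NET any -> {ep.ip} {ep.port} "
            f'(msg:"{msg}"; flow:to_server; '
            f"classtype:trojan-activity; sid:{base_sid + i}; rev:1;)"
        )
    return rules


# Constructed Zeek conn.log-style lines, tab separated:
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
SAMPLE_CONN_LOG = """\
1623745200.001\tCk1\t10.0.0.15\t49812\t210.65.244.187\t443\ttcp
1623745201.115\tCk2\t10.0.0.15\t49813\t93.184.216.34\t443\ttcp
1623745202.302\tCk3\t10.0.0.22\t51000\t185.183.159.100\t4125\ttcp
1623745203.777\tCk4\t10.0.0.22\t51001\t46.231.204.10\t80\ttcp
"""


def match_conn_log(cfg, log_text):
    """Return (uid, dst, dport) for flows that hit a known C2 ip:port pair."""
    c2 = {(ep.ip, ep.port) for ep in parse_c2(cfg["c2"])}
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, uid, _src, _sport, dst, dport, _proto = line.split("\t")
        if (dst, int(dport)) in c2:
            hits.append((uid, dst, int(dport)))
    return hits


if __name__ == "__main__":
    for rule in suricata_rules(EXTRACTED_CONFIG):
        print(rule)
    print(match_conn_log(EXTRACTED_CONFIG, SAMPLE_CONN_LOG))
```

The matcher keys on the full ip:port pair, so the constructed flow to 46.231.204.10 on port 80 is not flagged: only port 8172 is in the config. That is the conservative choice when a C2 address may sit on shared hosting; if you would rather catch a port change by the operator, match on the address alone and accept the extra false positives.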

Targets

    • Target

      689f06eb7c3ae881dc6a5b28f814f4fd22266e4502168d21dbb17f9bea02d734

    • Size

      172KB

    • MD5

      e0d6579352de0e6b139196e23089dc24

    • SHA1

      d14e142478b6a19df37d15ee827f76456969d7e3

    • SHA256

      689f06eb7c3ae881dc6a5b28f814f4fd22266e4502168d21dbb17f9bea02d734

    • SHA512

      38662b98b0bfb6ce8292f3f82600b00afab11c77f935662139818dd99147b27747aa16780bed52a743be9b8ba78a99c5709f1abba513d4890f2491065b474500

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, in both its x86 and x64 builds, in memory.
