General

  • Target

    d9430aa2aa7c9ae23ab1f01b39a34396d3be00fdf04a63f64652e105747ca399

  • Size

    170KB

  • Sample

    210615-c1yr2avv9x

  • MD5

    1ab4bc9330a1cc6d36971aa6510e0248

  • SHA1

    f34fdc628a64293e30990b5b12ad2b7db23e28ef

  • SHA256

    d9430aa2aa7c9ae23ab1f01b39a34396d3be00fdf04a63f64652e105747ca399

  • SHA512

    bd6460b88fedea0cf7fa7f3f7350cfb8bd6714a6d9b1e9c05b133724ad900e00bcab373ed7ffdc0ef48d7324d0aec12dec6952b40a710889ba688512aab886f8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks