General

  • Target

    e81239d18a267f5addf1354ed2b2737cd0fcb460f65a04d7022d27079d801da5

  • Size

    170KB

  • Sample

    210615-cggpch4ls2

  • MD5

    4a1299e3af490bd969bfbf2cf267ab46

  • SHA1

    6be414a2fdc7105cf54eea860c7a82d81e9482d8

  • SHA256

    e81239d18a267f5addf1354ed2b2737cd0fcb460f65a04d7022d27079d801da5

  • SHA512

    530a4d1d20abd6e3609028b6e7fb2e674ebcc41ec7f8132ec36f1bd0e4edd48b8c0695ae2460db41bbc046543c2b342ac267db0f1e8d2916e41a31073cf57a29

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      e81239d18a267f5addf1354ed2b2737cd0fcb460f65a04d7022d27079d801da5

    • Size

      170KB

    • MD5

      4a1299e3af490bd969bfbf2cf267ab46

    • SHA1

      6be414a2fdc7105cf54eea860c7a82d81e9482d8

    • SHA256

      e81239d18a267f5addf1354ed2b2737cd0fcb460f65a04d7022d27079d801da5

    • SHA512

      530a4d1d20abd6e3609028b6e7fb2e674ebcc41ec7f8132ec36f1bd0e4edd48b8c0695ae2460db41bbc046543c2b342ac267db0f1e8d2916e41a31073cf57a29

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks