General

  • Target

    c28da296c6f82c7b72472994ccb2a899bb86dec1aba737a31d65cc9bfa9809d1

  • Size

    170KB

  • Sample

    210615-cyc342r7s6

  • MD5

    d83d9adf8620ca690dcf876b72846ede

  • SHA1

    3fef8d0cbdd819971fcebc394658f486cf3b0e49

  • SHA256

    c28da296c6f82c7b72472994ccb2a899bb86dec1aba737a31d65cc9bfa9809d1

  • SHA512

    0ed4146dd18e7d4f58a827f3527f636efbb087135afea82be1617239ca5468470f9451e7753f3367354a05978adc35e850c7c3b9f2defc16dbed70b936d4d0fb

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      c28da296c6f82c7b72472994ccb2a899bb86dec1aba737a31d65cc9bfa9809d1

    • Size

      170KB

    • MD5

      d83d9adf8620ca690dcf876b72846ede

    • SHA1

      3fef8d0cbdd819971fcebc394658f486cf3b0e49

    • SHA256

      c28da296c6f82c7b72472994ccb2a899bb86dec1aba737a31d65cc9bfa9809d1

    • SHA512

      0ed4146dd18e7d4f58a827f3527f636efbb087135afea82be1617239ca5468470f9451e7753f3367354a05978adc35e850c7c3b9f2defc16dbed70b936d4d0fb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks