General

  • Target

    a28fab56581220d4b191abeec1b2803444139099122b4361b4990731fadc9ddb

  • Size

    170KB

  • Sample

    210615-da6szxyf7x

  • MD5

    66e4a031b4ca70a8d778c1df34f82674

  • SHA1

    d7688ab2b45460c3c4b7fdcaf36893ba0a4fdb2c

  • SHA256

    a28fab56581220d4b191abeec1b2803444139099122b4361b4990731fadc9ddb

  • SHA512

    79e8aa5ce03fcdb7f22eedb816ee1f774f844c3250e0a575ee6963998bcc084e23d939b8a9de66d30f4c0343290978ee5be35d920f8fe0561b94ecdca5f456d4

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      a28fab56581220d4b191abeec1b2803444139099122b4361b4990731fadc9ddb

    • Size

      170KB

    • MD5

      66e4a031b4ca70a8d778c1df34f82674

    • SHA1

      d7688ab2b45460c3c4b7fdcaf36893ba0a4fdb2c

    • SHA256

      a28fab56581220d4b191abeec1b2803444139099122b4361b4990731fadc9ddb

    • SHA512

      79e8aa5ce03fcdb7f22eedb816ee1f774f844c3250e0a575ee6963998bcc084e23d939b8a9de66d30f4c0343290978ee5be35d920f8fe0561b94ecdca5f456d4

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.
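The hashes in the General and Targets sections and the extracted C2 list in Malware Config are the two things a responder actually reuses from this report: the hashes to confirm that a file pulled from a host is this exact sample, and the C2 endpoints to hunt for in egress telemetry. The block below is an added example, not code from the sandbox report or from the Triage project. It copies the report's values verbatim, streams a file through all four digests at once, matches a constructed proxy-style log (format assumed, not real telemetry) against the C2 set, and emits Suricata rules. The exact-endpoint versus IP-only toggle is there because Dridex botnets rotate ports per build: matching IP only catches a rebuilt config on the same host but can false-positive on shared hosting. The sid range and the log line format are assumptions.

```python
"""Reuse the IOCs from the Dridex report as checks (added example; values copied from the report)."""
import hashlib
import re

# Copied from the report's General/Targets and Malware Config sections.
REPORT_HASHES = {
    "md5": "66e4a031b4ca70a8d778c1df34f82674",
    "sha1": "d7688ab2b45460c3c4b7fdcaf36893ba0a4fdb2c",
    "sha256": "a28fab56581220d4b191abeec1b2803444139099122b4361b4990731fadc9ddb",
    "sha512": "79e8aa5ce03fcdb7f22eedb816ee1f774f844c3250e0a575ee6963998bcc084e23d939b8a9de66d30f4c0343290978ee5be35d920f8fe0561b94ecdca5f456d4",
}
DRIDEX_BOTNET = "40112"
C2_ENDPOINTS = {("128.199.200.38", 443), ("192.163.233.216", 6601), ("43.229.206.244", 4125)}


def hash_bytes(data, algorithms=("md5", "sha1", "sha256", "sha512")):
    """Digest an in-memory buffer with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def hash_file(path, algorithms=("md5", "sha1", "sha256", "sha512"), chunk=1 << 20):
    """Stream a file once through all digests so a large sample is not read four times."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def mismatched_digests(actual, expected=REPORT_HASHES):
    """Names of digests that differ from the report; an empty list means the file is this sample."""
    return [name for name in expected if actual.get(name, "").lower() != expected[name].lower()]


def verify_sample(path, expected=REPORT_HASHES):
    """Hash a file on disk and report which of the report's digests it fails to match."""
    return mismatched_digests(hash_file(path, algorithms=tuple(expected)), expected)


# Constructed log lines in an assumed "timestamp src -> dst:port" proxy/firewall format, not real telemetry.
SAMPLE_LOG = """\
2021-06-15T12:00:01Z 10.0.0.5 -> 128.199.200.38:443 bytes=1832
2021-06-15T12:00:02Z 10.0.0.5 -> 93.184.216.34:443 bytes=5120
2021-06-15T12:00:03Z 10.0.0.7 -> 192.163.233.216:6601 bytes=640
2021-06-15T12:00:04Z 10.0.0.7 -> 192.163.233.216:443 bytes=640
2021-06-15T12:00:05Z 10.0.0.9 -> 43.229.206.244:4125 bytes=96
malformed line that the parser must skip
"""
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) -> (?P<dst>[\d.]+):(?P<port>\d+)")


def find_c2_contacts(log_text, c2=C2_ENDPOINTS, match_ip_only=False):
    """Return (timestamp, src, dst, port) for each line whose destination is a known C2.

    match_ip_only=False requires the exact IP:port pair from the extracted config;
    match_ip_only=True also flags the same IP on any port (broader, more false positives).
    """
    c2_ips = {ip for ip, _ in c2}
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        dst, port = m["dst"], int(m["port"])
        if (dst, port) in c2 or (match_ip_only and dst in c2_ips):
            hits.append((m["ts"], m["src"], dst, port))
    return hits


def suricata_rules(c2=C2_ENDPOINTS, base_sid=1000001):
    """One alert rule per C2 endpoint; base_sid is an assumed local-rule sid range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {DRIDEX_BOTNET} C2 contact {ip}:{port}"; '
            f'flow:to_server; classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in find_c2_contacts(SAMPLE_LOG, match_ip_only=True):
        print("C2 contact:", hit)
    print("\n".join(suricata_rules()))
```

Run `verify_sample("/path/to/file.bin")` against a file recovered from a host; any name in the returned list means that digest differs from the report. In the constructed log, exact matching yields three hits and the IP-only mode four, the extra one being the same C2 host on 443 rather than its configured port.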
