General

  • Target

    5f27d2c811f293877908f48303b1104ac2211ce82b1c71116206ac99a0565b5e

  • Size

    170KB

  • Sample

    210615-dgrhyt95bx

  • MD5

    696983ac3db021c708ee1a77784540df

  • SHA1

    16dc751cf077a928f8f0274312698edb1964257c

  • SHA256

    5f27d2c811f293877908f48303b1104ac2211ce82b1c71116206ac99a0565b5e

  • SHA512

    e1333751d452fe3e7ee796c4162f225317624e6053757829ff6877d9c9260592a6c1863158cdf6d3d0357f56d2c328f54e871ffa892491d799102df68082ddad

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks