General

  • Target

    861a8ae472d35ad6a4d335a6978d2cfd7a3a9a04def136ead6c61c66c2cf1228

  • Size

    172KB

  • Sample

    210615-dhjmf3y65x

  • MD5

    937efb7b086e9f5cdec82cef4eabbb8d

  • SHA1

    f6615e07187aa64dba431bf3e47d12ec54ed28aa

  • SHA256

    861a8ae472d35ad6a4d335a6978d2cfd7a3a9a04def136ead6c61c66c2cf1228

  • SHA512

    6b91f91714327aaa7ab1b89676ee3a1016f70c86754c7494c10082859285529cfbd73b91e1fc36da02e8945caf181477a6d60867eb1273436a3b884b615cbabe

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
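
The extracted configuration above (botnet ID, four C2 endpoints, file digests) is most useful once it is turned into something that runs against evidence. The following is an added example, not part of the sandbox report and not the sandbox's own code: it copies the indicators from this page into a small Python script that validates the C2 entries, checks a file against all four reported digests, matches constructed connection-log lines against the C2 list (exact ip:port hits separately from IP-only hits, because a hijacked host may serve benign traffic on other ports), and emits one Suricata alert rule per endpoint. The log line format, the sample log lines, and the Suricata sid range are assumptions made for illustration. The rc4.plain value is not shown on the page, so no string decryption is attempted.

```python
import hashlib
import ipaddress
import re

# Indicators copied from the report above (sample 210615-dhjmf3y65x).
REPORT = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "210.65.244.187:443",
        "162.241.41.92:2303",
        "46.231.204.10:8172",
        "185.183.159.100:4125",
    ],
    "md5": "937efb7b086e9f5cdec82cef4eabbb8d",
    "sha1": "f6615e07187aa64dba431bf3e47d12ec54ed28aa",
    "sha256": "861a8ae472d35ad6a4d335a6978d2cfd7a3a9a04def136ead6c61c66c2cf1228",
    "sha512": "6b91f91714327aaa7ab1b89676ee3a1016f70c86754c7494c10082859285529cfbd73b91e1fc36da02e8945caf181477a6d60867eb1273436a3b884b615cbabe",
}

# Constructed log lines in an assumed "<ts> <src> -> <dst>:<port> <proto>" format.
SAMPLE_LOG = [
    "2021-06-15T10:02:11Z 10.0.0.12:51422 -> 210.65.244.187:443 TCP",   # exact C2 hit
    "2021-06-15T10:02:13Z 10.0.0.12:51423 -> 93.184.216.34:443 TCP",    # unrelated host
    "2021-06-15T10:02:19Z 10.0.0.37:49161 -> 46.231.204.10:8172 TCP",   # exact C2 hit
    "2021-06-15T10:03:04Z 10.0.0.37:49162 -> 185.183.159.100:80 TCP",   # C2 IP, other port
    "garbage line that does not parse",
]

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+->\s+(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\b"
)


def parse_c2(entries):
    """Turn 'ip:port' strings into (ip, port) tuples, rejecting anything malformed
    so a bad indicator cannot silently become a rule that never fires."""
    endpoints = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in C2 entry {entry!r}")
        ip = ipaddress.ip_address(host)  # raises ValueError on junk
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        endpoints.append((str(ip), port))
    return endpoints


def file_hashes(data):
    """MD5/SHA1/SHA256/SHA512 of a byte string, keyed like the report."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data, report=REPORT):
    """True only if every digest matches; any single mismatch means a different file."""
    digests = file_hashes(data)
    return all(digests[k] == report[k] for k in ("md5", "sha1", "sha256", "sha512"))


def hunt(log_lines, endpoints):
    """Split matching log lines into exact (ip, port) hits and IP-only hits.
    IP-only hits are kept separate for triage: a compromised host used as C2
    may still serve legitimate traffic on its other ports."""
    exact = set(endpoints)
    ips = {ip for ip, _ in endpoints}
    hits = {"endpoint": [], "ip_only": []}
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; skipped rather than treated as a miss
        dst, dport = m.group("dst"), int(m.group("dport"))
        if (dst, dport) in exact:
            hits["endpoint"].append(line)
        elif dst in ips:
            hits["ip_only"].append(line)
    return hits


def suricata_rules(endpoints, botnet=REPORT["botnet"], sid_base=9000001):
    """One outbound alert rule per C2 endpoint. sid_base is an assumed value;
    use a sid range reserved for local rules in your own deployment."""
    rules = []
    for i, (ip, port) in enumerate(endpoints):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {botnet} C2 contact"; '
            f"classtype:trojan-activity; sid:{sid_base + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    c2 = parse_c2(REPORT["c2"])
    result = hunt(SAMPLE_LOG, c2)
    for line in result["endpoint"]:
        print("C2 endpoint hit:", line)
    for line in result["ip_only"]:
        print("C2 IP on other port (triage):", line)
    for rule in suricata_rules(c2):
        print(rule)
```

Run it as-is to see the two exact hits, the one IP-only hit, and the four rules; swap SAMPLE_LOG for your own connection log after adjusting LOG_RE to its format, and call matches_report() on the bytes of a suspect file to confirm it is this exact sample before reusing the rest of the report's findings.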

Targets

    • Target

      861a8ae472d35ad6a4d335a6978d2cfd7a3a9a04def136ead6c61c66c2cf1228

    • Size

      172KB

    • MD5

      937efb7b086e9f5cdec82cef4eabbb8d

    • SHA1

      f6615e07187aa64dba431bf3e47d12ec54ed28aa

    • SHA256

      861a8ae472d35ad6a4d335a6978d2cfd7a3a9a04def136ead6c61c66c2cf1228

    • SHA512

      6b91f91714327aaa7ab1b89676ee3a1016f70c86754c7494c10082859285529cfbd73b91e1fc36da02e8945caf181477a6d60867eb1273436a3b884b615cbabe

    • Dridex

      Dridex (also known as Bugat or Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks