General

  • Target

    b49bef52430f3802e4f049b8862d96af492df64d0fd85bf7951cc12aee05e769

  • Size

    170KB

  • Sample

    210615-dllr3h7kg6

  • MD5

    355b6f3d7fe431e38be2e6866b2ac39e

  • SHA1

    0569818acf425376b7e001220a81252d48debf33

  • SHA256

    b49bef52430f3802e4f049b8862d96af492df64d0fd85bf7951cc12aee05e769

  • SHA512

    7f52a0b0627be0fc9648569cc2363b749e9ad3178ccd602793c679dc39157c15b48f23b90250523058494ba76d0e6ce5c812f8e48170e7c3267ef599878e0c40

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks