General

  • Target

    464c079a59762c0d6966fd5b23a83b613260bb9c618d4cf8533ec19ec6203817

  • Size

    170KB

  • Sample

    210615-dv4ts2a6d6

  • MD5

    63c78ff332281818153e562b9d2d961e

  • SHA1

    1476704596a482319f60ff73bdc843f69327021f

  • SHA256

    464c079a59762c0d6966fd5b23a83b613260bb9c618d4cf8533ec19ec6203817

  • SHA512

    e841f81cf7d74dcbd44d0f6fc13254e3c382ade33533aa7802e47c02f5e4e600cb75d3c0f7f8bed3d1ba4d2aa80e2a1afe690a6c186760270c797ef357e2c8aa

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a family of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks