General

  • Target

    240236976bee7416c76d27ebeff3e3e8591b43989d934e521969727558b550fd

  • Size

    172KB

  • Sample

    210615-ecfq1x9gys

  • MD5

    d4f4b52df7ce435a7526790bbedc0ad5

  • SHA1

    bd0c8dbd3854d86d6a937ec36388835a672c3e67

  • SHA256

    240236976bee7416c76d27ebeff3e3e8591b43989d934e521969727558b550fd

  • SHA512

    b2536b34f864bc11a00ff2be0182aa2c0d62f035d0914dc903336352182914588714c12443fd0d592135c387834b79cb119bcb4c9bc06bd80fa9bbe8677d3417

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks