General

  • Target

    241363e469ed662b0df687fbbbeda84fe58a1dd01e7fda92e1c5948b693c3c11

  • Size

    170KB

  • Sample

    210615-ecl51rm8s2

  • MD5

    67e0aebd1659244556892ab36cb8840f

  • SHA1

    b734361124f703df4c9ffccb06d34eee7c5f4f0d

  • SHA256

    241363e469ed662b0df687fbbbeda84fe58a1dd01e7fda92e1c5948b693c3c11

  • SHA512

    10ac97ebd7f709d2ebeff426f0d7e0eb87d70b8724168b894d5b1837c2593eb9c01be9b5d0087c64bf21ec30f8d458405643e39d8dc7c5df254f4c7c20558c6a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      241363e469ed662b0df687fbbbeda84fe58a1dd01e7fda92e1c5948b693c3c11

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks