General

  • Target

    873797df52fa51f8016a59ecb1a1288859bbd1b80cc5a0890ddaefde8f3a133a

  • Size

    172KB

  • Sample

    210615-etvkltdc4a

  • MD5

    1831786412a883c5afe902776d52ac2b

  • SHA1

    4784a09857c8e81021ac2633f0d18543ea198ffd

  • SHA256

    873797df52fa51f8016a59ecb1a1288859bbd1b80cc5a0890ddaefde8f3a133a

  • SHA512

    87c6f4118fc6cb7a98901592d7fd85cc83641ca6fdf9bc1dda25400f38164f6698052516f8109ff7ffd5a272063de0bd0a4ec53e05e116f8c4dc2e4e7fed13cf

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      873797df52fa51f8016a59ecb1a1288859bbd1b80cc5a0890ddaefde8f3a133a

    • Size

      172KB

    • MD5

      1831786412a883c5afe902776d52ac2b

    • SHA1

      4784a09857c8e81021ac2633f0d18543ea198ffd

    • SHA256

      873797df52fa51f8016a59ecb1a1288859bbd1b80cc5a0890ddaefde8f3a133a

    • SHA512

      87c6f4118fc6cb7a98901592d7fd85cc83641ca6fdf9bc1dda25400f38164f6698052516f8109ff7ffd5a272063de0bd0a4ec53e05e116f8c4dc2e4e7fed13cf

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.
