General

  • Target

    8d9afe6be17bc5fc5a2ec04189adf09d3bf9bdc56c4bcbcb154a3dcc288a8b6d

  • Size

    172KB

  • Sample

    210615-fadm7ltnpn

  • MD5

    743a239460a0b438ea979161e730d647

  • SHA1

    3960aaac21de2546f4b12c3ceb49e9fa3ea21df3

  • SHA256

    8d9afe6be17bc5fc5a2ec04189adf09d3bf9bdc56c4bcbcb154a3dcc288a8b6d

  • SHA512

    75a2a324a825fc04c358164b0c98304adbe319555a641004cb776546dad6a3b147377d3ab3726e3153979a7eb23dd198a0b42035a3da5295fa69c89cae31a57f

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
