General

  • Target

    65dd64410d17808bb3a0f172f9df7e4227c65d369530a3abdef45f28a7e257a8

  • Size

    170KB

  • Sample

    210615-fj5dxz3546

  • MD5

    9372946e99c7bbfc3c72cf732f901adc

  • SHA1

    937b5d9043f417bef54b9799fcda53dce9bb1474

  • SHA256

    65dd64410d17808bb3a0f172f9df7e4227c65d369530a3abdef45f28a7e257a8

  • SHA512

    d27dd0606b52fb23bfa0d0e636f9d353d5aabccd5ed220529667b7c3c53767cb5f01565634a5e12baf0c8c677a0746e0b7c07994a89b8a1b23eaa96980b3a043

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      65dd64410d17808bb3a0f172f9df7e4227c65d369530a3abdef45f28a7e257a8

    • Size

      170KB

    • MD5

      9372946e99c7bbfc3c72cf732f901adc

    • SHA1

      937b5d9043f417bef54b9799fcda53dce9bb1474

    • SHA256

      65dd64410d17808bb3a0f172f9df7e4227c65d369530a3abdef45f28a7e257a8

    • SHA512

      d27dd0606b52fb23bfa0d0e636f9d353d5aabccd5ed220529667b7c3c53767cb5f01565634a5e12baf0c8c677a0746e0b7c07994a89b8a1b23eaa96980b3a043

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.
