General

  • Target: fbfe6714a9cbb6761a3222d7f45783c84a0d7491c782fabdcfbf3aafb3bb10b1
  • Size: 172KB
  • Sample: 210615-fsegx7jlda
  • MD5: 5d912a3ce63a03177b10456cac50b321
  • SHA1: 233ef25fac58fc75f010e9a776fe434ccdaefdb8
  • SHA256: fbfe6714a9cbb6761a3222d7f45783c84a0d7491c782fabdcfbf3aafb3bb10b1
  • SHA512: 9d5e302954817d2a07cb783ec69fd7bba8438f6d283e57194933a0c78c3be122920cb754a1a092ba71503040e907e0ce2aab0790ddcb95c5f605846a46cd717e

Malware Config

Extracted

  • Family: dridex
  • Botnet: 40112
  • C2:
    210.65.244.187:443
    162.241.41.92:2303
    46.231.204.10:8172
    185.183.159.100:4125
  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.