General

  • Target

    2afacc8b84231d54c415087177e77727e3664a73562f6d8d05b51d9065af464b

  • Size

    170KB

  • Sample

    210615-gqr96t2psn

  • MD5

    df955ec700167b9d1d603bf579d0f9bf

  • SHA1

    f14f95fa4347d97612dfe547fd2fef112bc5c520

  • SHA256

    2afacc8b84231d54c415087177e77727e3664a73562f6d8d05b51d9065af464b

  • SHA512

    78d57a637eea6473f35f95abb93de61f0599fd4c48cdbd3a6e21b8eb50cb724ca4ee73b635d0422bfb807ad8dedc3388589b23f2df49c36b4c417578eb7c3a94

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks