General

  • Target

    1450b4e5adb6f47972fe9765939e68cca11c391ade2e8468ef5c99df45a0affa

  • Size

    170KB

  • Sample

    210615-gxjzd35p16

  • MD5

    1fbdd8a613e7606ce7283892edaa503e

  • SHA1

    9ddd2db12a315d0f1684eb9737c3da89fc52464d

  • SHA256

    1450b4e5adb6f47972fe9765939e68cca11c391ade2e8468ef5c99df45a0affa

  • SHA512

    69d11c0738c97f0d5c40eaa5e8c07d44561e125f3a1b800f9f3c1496198364980b00bedfb33c7717161ce40f58ba0700c617c1a8358af8b2139a2e919cdd1ba4

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      1450b4e5adb6f47972fe9765939e68cca11c391ade2e8468ef5c99df45a0affa

    • Size

      170KB

    • MD5

      1fbdd8a613e7606ce7283892edaa503e

    • SHA1

      9ddd2db12a315d0f1684eb9737c3da89fc52464d

    • SHA256

      1450b4e5adb6f47972fe9765939e68cca11c391ade2e8468ef5c99df45a0affa

    • SHA512

      69d11c0738c97f0d5c40eaa5e8c07d44561e125f3a1b800f9f3c1496198364980b00bedfb33c7717161ce40f58ba0700c617c1a8358af8b2139a2e919cdd1ba4

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks