General

  • Target

    d7f1e92d3f28ad478f54c0ba2e8bf1744b5ca4c6c91c7c8788be62bd981a09d1

  • Size

    172KB

  • Sample

    210615-h9e94ggzb2

  • MD5

    65f3f152239760f6c71fd43ca315c0be

  • SHA1

    735425f0ccdf5d6a248681a803b354a58e26d607

  • SHA256

    d7f1e92d3f28ad478f54c0ba2e8bf1744b5ca4c6c91c7c8788be62bd981a09d1

  • SHA512

    cb2654831ee66661d0534d8c613ada451f389b383adf3bde9cb233182bd11f57f1a01201fdcff097b6f6cb0c32a473c764a833ae721e96da75c956cfc0cf9fa8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      d7f1e92d3f28ad478f54c0ba2e8bf1744b5ca4c6c91c7c8788be62bd981a09d1

    • Size

      172KB

    • MD5

      65f3f152239760f6c71fd43ca315c0be

    • SHA1

      735425f0ccdf5d6a248681a803b354a58e26d607

    • SHA256

      d7f1e92d3f28ad478f54c0ba2e8bf1744b5ca4c6c91c7c8788be62bd981a09d1

    • SHA512

      cb2654831ee66661d0534d8c613ada451f389b383adf3bde9cb233182bd11f57f1a01201fdcff097b6f6cb0c32a473c764a833ae721e96da75c956cfc0cf9fa8

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks