General

  • Target

    1637bc979ef1fe1420af6b2608de344c02d82228b52ae6db39b1e496494e72b7

  • Size

    172KB

  • Sample

    210615-hdzmkv54fs

  • MD5

    7cd671f5edda7bb929defdbbb254c844

  • SHA1

    4b20ef3c33f977e149024690490a715f77546385

  • SHA256

    1637bc979ef1fe1420af6b2608de344c02d82228b52ae6db39b1e496494e72b7

  • SHA512

    bd136d6520126e983e24e5dfdda7ca68c73332f9de286e3334dd02ab350de5c9710c9007d2791066ec783f80aeae8c9e1e78cb983b1935b8ba34d16120cbb67a

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    210.65.244.187:443

    162.241.41.92:2303

    46.231.204.10:8172

    185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      1637bc979ef1fe1420af6b2608de344c02d82228b52ae6db39b1e496494e72b7

    • Size

      172KB

    • MD5

      7cd671f5edda7bb929defdbbb254c844

    • SHA1

      4b20ef3c33f977e149024690490a715f77546385

    • SHA256

      1637bc979ef1fe1420af6b2608de344c02d82228b52ae6db39b1e496494e72b7

    • SHA512

      bd136d6520126e983e24e5dfdda7ca68c73332f9de286e3334dd02ab350de5c9710c9007d2791066ec783f80aeae8c9e1e78cb983b1935b8ba34d16120cbb67a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks