General

  • Target

    8255ac83ac4522d4f80b438bde5e90da9343df42ce59c8ef41e3a5f613cb6593

  • Size

    170KB

  • Sample

    210615-hg63nd7k12

  • MD5

    3ce711490867be7c717fd31ce9b22673

  • SHA1

    18f65e643d83b387f5ecab801a26f9defdb2386a

  • SHA256

    8255ac83ac4522d4f80b438bde5e90da9343df42ce59c8ef41e3a5f613cb6593

  • SHA512

    5e08bf5b40341de443d8e74179caa10c954fc6ff25b858016a31a1816853bf08c124f2a76c075827a8d0f6b0561dfa4e4e3ee052db2ef391214a3213775b2dc7

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      8255ac83ac4522d4f80b438bde5e90da9343df42ce59c8ef41e3a5f613cb6593

    • Size

      170KB

    • MD5

      3ce711490867be7c717fd31ce9b22673

    • SHA1

      18f65e643d83b387f5ecab801a26f9defdb2386a

    • SHA256

      8255ac83ac4522d4f80b438bde5e90da9343df42ce59c8ef41e3a5f613cb6593

    • SHA512

      5e08bf5b40341de443d8e74179caa10c954fc6ff25b858016a31a1816853bf08c124f2a76c075827a8d0f6b0561dfa4e4e3ee052db2ef391214a3213775b2dc7

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 variants) in memory.

MITRE ATT&CK Matrix

Tasks