General

  • Target

    ce27d9e8b03a53d2d8f20445415b10dfcdf0ba90f0f9590ebc20c270430a0d38

  • Size

    172KB

  • Sample

    210615-hgxfwkc17x

  • MD5

    e93e765571d6a8f1af7df5e2a8150215

  • SHA1

    3209399796a747a45bff7a566911df51bccb0e61

  • SHA256

    ce27d9e8b03a53d2d8f20445415b10dfcdf0ba90f0f9590ebc20c270430a0d38

  • SHA512

    6706a0e37cb4bb970faef05c8d2611ab0177ea8f98eb8bc97ae90b157d0dca2574819aa5cdc65265d4bffe50e8f3f1ae47bd3255a7d91d69267bb1c69efe099d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      ce27d9e8b03a53d2d8f20445415b10dfcdf0ba90f0f9590ebc20c270430a0d38

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks