General

  • Target

    d9833015c364d3d9f51b32797361d8bbe25bdb03c9731b8b54a3fbbfc3ef65b1

  • Size

    170KB

  • Sample

    210615-hz8cs6fdf2

  • MD5

    19410bcef61fceafbf425cd7835d2bdb

  • SHA1

    6ababa30de5a66db015b5ab0ab4f7ae0dc032e8e

  • SHA256

    d9833015c364d3d9f51b32797361d8bbe25bdb03c9731b8b54a3fbbfc3ef65b1

  • SHA512

    cdd0e1367ab92d30d0abedaff6cf0ee2ab9f610e4d22e543f47c7e8adac0dbe8571becab0e7c24568eaf806ab8eb2ee401fcaad7703042dff0b2d25cefb6285a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      d9833015c364d3d9f51b32797361d8bbe25bdb03c9731b8b54a3fbbfc3ef65b1

    • Size

      170KB

    • MD5

      19410bcef61fceafbf425cd7835d2bdb

    • SHA1

      6ababa30de5a66db015b5ab0ab4f7ae0dc032e8e

    • SHA256

      d9833015c364d3d9f51b32797361d8bbe25bdb03c9731b8b54a3fbbfc3ef65b1

    • SHA512

      cdd0e1367ab92d30d0abedaff6cf0ee2ab9f610e4d22e543f47c7e8adac0dbe8571becab0e7c24568eaf806ab8eb2ee401fcaad7703042dff0b2d25cefb6285a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
