General

  • Target

    fab9951c6543ce6dbd96475869175b10e18583a131a193ef4440f5727563806b

  • Size

    172KB

  • Sample

    210615-j2z81yl9c6

  • MD5

    917179483704289d05c24356c2b57695

  • SHA1

    5bcfc96182f435940c2e5153339fd177e79ac32c

  • SHA256

    fab9951c6543ce6dbd96475869175b10e18583a131a193ef4440f5727563806b

  • SHA512

    adc98c018145eb9c9148162d626c032442042c7510fcadf58bed7cc0dcf6c1c6ad2ac92b259dd52b2008ccbaa3916ef52efd936d72179055d0dcefefaf76dacc

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      fab9951c6543ce6dbd96475869175b10e18583a131a193ef4440f5727563806b

    • Size

      172KB

    • MD5

      917179483704289d05c24356c2b57695

    • SHA1

      5bcfc96182f435940c2e5153339fd177e79ac32c

    • SHA256

      fab9951c6543ce6dbd96475869175b10e18583a131a193ef4440f5727563806b

    • SHA512

      adc98c018145eb9c9148162d626c032442042c7510fcadf58bed7cc0dcf6c1c6ad2ac92b259dd52b2008ccbaa3916ef52efd936d72179055d0dcefefaf76dacc

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks