General

  • Target

    bf4d8c7e8e3f79dabbb383bcea6a07668cfc85cbcf487ac4fb2a3c46a6c6b49e

  • Size

    170KB

  • Sample

    210615-j3xjzm4mvj

  • MD5

    d92e9227354294109e3657dab909d4e1

  • SHA1

    2b71defedb15e91365877ca3f6e51d05e484512c

  • SHA256

    bf4d8c7e8e3f79dabbb383bcea6a07668cfc85cbcf487ac4fb2a3c46a6c6b49e

  • SHA512

    44125ae5e94f1fae212f5d52cb25bb9f564adedeac69d0e2cad62d8e4b1d48c8f59dc99e86436f4e39367459b9b19d0e1b0395b08ca154a26878035a94bb0c24

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      bf4d8c7e8e3f79dabbb383bcea6a07668cfc85cbcf487ac4fb2a3c46a6c6b49e

    • Size

      170KB

    • MD5

      d92e9227354294109e3657dab909d4e1

    • SHA1

      2b71defedb15e91365877ca3f6e51d05e484512c

    • SHA256

      bf4d8c7e8e3f79dabbb383bcea6a07668cfc85cbcf487ac4fb2a3c46a6c6b49e

    • SHA512

      44125ae5e94f1fae212f5d52cb25bb9f564adedeac69d0e2cad62d8e4b1d48c8f59dc99e86436f4e39367459b9b19d0e1b0395b08ca154a26878035a94bb0c24

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks