General

  • Target

    0ea0f50114a34e5af0d85c92a86a914ed172898a87a5005678ab108bc76ab0dc

  • Size

    172KB

  • Sample

    210615-jh9gctwcbs

  • MD5

    c00f621f37bc67c3591ff2843111bd53

  • SHA1

    9bad3791c68e3900ec004c7cc3dd033365b8a9db

  • SHA256

    0ea0f50114a34e5af0d85c92a86a914ed172898a87a5005678ab108bc76ab0dc

  • SHA512

    36122520c8f7f1f51daf8898dc5651c2f9ec402b0830ad27320b1ac5e210321d13a44162d16f9a47aa79fff6461feb5f019a8284c63c4f4a2c6330283669d30e

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.
