General

  • Target

    3441c7ac624f5b7d6163f62547e630f749acdc9aa1dfc5763231dbdae12e8756

  • Size

    170KB

  • Sample

    210615-k6gc34jxxn

  • MD5

    0855b9f8f6a55b2e377af317b57a87b3

  • SHA1

    10d017787a99cf6c5fad60e2707b024295644a93

  • SHA256

    3441c7ac624f5b7d6163f62547e630f749acdc9aa1dfc5763231dbdae12e8756

  • SHA512

    a7640d2044b9a9320fb8c0471838904c063b15d443476b968f52f283df6900ea71598d1dea427f8980f46cf0e616e3903bb99cce939d2f6d14a4f22d243ed81c

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain
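The extracted configuration above (family, botnet ID and three C2 sockets) is the actionable part of this report. As an added example, not part of the Triage report or of any Dridex tooling, the following Python parses that config block as it appears on this page, emits one Suricata-style rule per C2 socket, and matches the sockets against firewall log lines. The log line format, the timestamps, the internal source addresses and the sid range are all constructed assumptions for illustration; the C2 values are copied from the report.

```python
"""Turn the extracted Dridex config from the report into usable indicators.

Added example, not code from the Triage report. The config text is copied
from the page; the firewall log lines and their format are constructed.
"""
import ipaddress
import re

# Config text as it appears in the report (family, botnet ID, C2 list).
TRIAGE_CONFIG = """\
Family
dridex
Botnet
40112
C2
128.199.200.38:443
192.163.233.216:6601
43.229.206.244:4125
"""

C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


def parse_config(text):
    """Parse the flattened 'Malware Config' block into a dict.

    Returns {"family": str, "botnet": str, "c2": [(ip, port), ...]}.
    Lines that do not validate as IPv4:port are skipped rather than accepted,
    so a garbled line cannot turn into a bad blocklist entry.
    """
    cfg = {"family": None, "botnet": None, "c2": []}
    section = None
    for ln in (l.strip() for l in text.splitlines() if l.strip()):
        if ln in ("Family", "Botnet", "C2"):
            section = ln
            continue
        if section == "Family":
            cfg["family"] = ln
        elif section == "Botnet":
            cfg["botnet"] = ln
        elif section == "C2":
            m = C2_RE.match(ln)
            if not m:
                continue
            ip, port = m.group(1), int(m.group(2))
            ipaddress.IPv4Address(ip)  # raises ValueError on a bad octet
            if 0 < port < 65536:
                cfg["c2"].append((ip, port))
    return cfg


def suricata_rules(cfg, base_sid=1000001):
    """Emit one Suricata/Snort rule per C2 (ip, port) pair.

    The config gives raw sockets, not hostnames or payload patterns, so the
    rule keys on the destination socket. The sid range is an assumption.
    """
    rules = []
    for i, (ip, port) in enumerate(cfg["c2"]):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{cfg["family"]} botnet {cfg["botnet"]} C2 {ip}:{port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed firewall log lines (hypothetical format: ts src dst:port action).
SAMPLE_LOG = """\
2021-06-15T10:01:02Z 10.0.0.15 52.96.0.1:443 ALLOW
2021-06-15T10:01:05Z 10.0.0.15 128.199.200.38:443 ALLOW
2021-06-15T10:01:09Z 10.0.0.22 192.163.233.216:6601 ALLOW
2021-06-15T10:02:11Z 10.0.0.15 43.229.206.244:80 ALLOW
"""

LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+):(\d+)\s+(\S+)$")


def find_c2_hits(cfg, log_text):
    """Return (timestamp, src, dst, port) for connections to a configured C2 socket.

    Matching requires the exact ip:port pair: the 43.229.206.244:80 line is
    deliberately not a hit, because the config lists only port 4125 for it.
    """
    wanted = set(cfg["c2"])
    hits = []
    for ln in log_text.splitlines():
        m = LOG_RE.match(ln.strip())
        if not m:
            continue
        ts, src, dst, port, _action = m.groups()
        if (dst, int(port)) in wanted:
            hits.append((ts, src, dst, int(port)))
    return hits


if __name__ == "__main__":
    cfg = parse_config(TRIAGE_CONFIG)
    for rule in suricata_rules(cfg):
        print(rule)
    for hit in find_c2_hits(cfg, SAMPLE_LOG):
        print("C2 contact:", hit)
```

Matching on the full ip:port pair rather than the bare address is a deliberate choice: the same address may host unrelated services, and the config only attests to the listed port. Widen to address-only matching when hunting retrospectively, but expect more noise.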

Targets

    • Target

      3441c7ac624f5b7d6163f62547e630f749acdc9aa1dfc5763231dbdae12e8756

    • Size

      170KB

    • MD5

      0855b9f8f6a55b2e377af317b57a87b3

    • SHA1

      10d017787a99cf6c5fad60e2707b024295644a93

    • SHA256

      3441c7ac624f5b7d6163f62547e630f749acdc9aa1dfc5763231dbdae12e8756

    • SHA512

      a7640d2044b9a9320fb8c0471838904c063b15d443476b968f52f283df6900ea71598d1dea427f8980f46cf0e616e3903bb99cce939d2f6d14a4f22d243ed81c

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks