General

  • Target

    3e566171e0b1c892285edaf97befea94870cabf67dd486b382186cabbcc2553c

  • Size

    172KB

  • Sample

    210615-k91bgn6w4s

  • MD5

    f12cdd0fa1f6904546016f78a5d0cafa

  • SHA1

    505eebd8ffde1b21b11e06ecfe013fca2f250dd7

  • SHA256

    3e566171e0b1c892285edaf97befea94870cabf67dd486b382186cabbcc2553c

  • SHA512

    50f904fc55520e4da710105ebd0b3042d5b5bc55eabbe730bb0fe4f78c05ff40b2e8cb1680f1705a415df1147e534da4549373908ac8e5f4ddd7b4cdbd7dec0a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      3e566171e0b1c892285edaf97befea94870cabf67dd486b382186cabbcc2553c

    • Size

      172KB

    • MD5

      f12cdd0fa1f6904546016f78a5d0cafa

    • SHA1

      505eebd8ffde1b21b11e06ecfe013fca2f250dd7

    • SHA256

      3e566171e0b1c892285edaf97befea94870cabf67dd486b382186cabbcc2553c

    • SHA512

      50f904fc55520e4da710105ebd0b3042d5b5bc55eabbe730bb0fe4f78c05ff40b2e8cb1680f1705a415df1147e534da4549373908ac8e5f4ddd7b4cdbd7dec0a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks