General

  • Target

    d2a8f81b1b4d6dc29eb856fae1bba984586d786938aa2ee7a05d6039b5b2dd3f

  • Size

    172KB

  • Sample

    210615-kg6vhmpv4j

  • MD5

    5d4ecc9c667e57bc9593113f2a7a41b5

  • SHA1

    ca9ef18f8773db95fe02b1cd1398248b5c87347e

  • SHA256

    d2a8f81b1b4d6dc29eb856fae1bba984586d786938aa2ee7a05d6039b5b2dd3f

  • SHA512

    e0770f5f4e5f5b82443dc486c82c488d67019d5bb6284f36af941552786c4be1925309053cfbb3cb06d3af70d63d0e091065118ef44dbba4c3c768366789481d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      d2a8f81b1b4d6dc29eb856fae1bba984586d786938aa2ee7a05d6039b5b2dd3f

    • Size

      172KB

    • MD5

      5d4ecc9c667e57bc9593113f2a7a41b5

    • SHA1

      ca9ef18f8773db95fe02b1cd1398248b5c87347e

    • SHA256

      d2a8f81b1b4d6dc29eb856fae1bba984586d786938aa2ee7a05d6039b5b2dd3f

    • SHA512

      e0770f5f4e5f5b82443dc486c82c488d67019d5bb6284f36af941552786c4be1925309053cfbb3cb06d3af70d63d0e091065118ef44dbba4c3c768366789481d

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks