General

  • Target

    b24fc03ee8b23810b20c204d5403ce1b444a985f32564833bcba77e6459e9b4c

  • Size

    170KB

  • Sample

    210615-l3fge6yz92

  • MD5

    d87b993586dd1df0e1de1d01c144ba58

  • SHA1

    19d7f3cd38702541d751b48b195cb3449e2b5c12

  • SHA256

    b24fc03ee8b23810b20c204d5403ce1b444a985f32564833bcba77e6459e9b4c

  • SHA512

    876bdaaac3dedac5c4be44cfee0578513c022b655376dd013a178101408f86736a5360b1cc971f98a6fe925a6312899ef3dbb91f8a544c76168e731f01eee612

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
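The extracted config above is only useful once it becomes something a network sensor or a log search can act on. The following Python is an added example, not part of the original report or of any sandbox's own code: it validates the report's C2 entries, emits one Suricata rule per endpoint (the rule SIDs and the `$HOME_NET` variable are assumptions), and checks constructed firewall-style log lines against the endpoints. Matches on the exact ip:port pair are reported as hits; connections to a listed IP on a different port are set aside for review, because a C2 host may sit on shared hosting where other ports serve unrelated traffic.

```python
"""Turn the Dridex config from the report into network indicators and
check them against connection logs.  Added example; the log lines and
rule SIDs are constructed for illustration."""
import ipaddress
import re
from typing import Dict, List, Tuple

# Values copied from the report's Malware Config section.
FAMILY = "dridex"
BOTNET = "40112"
C2_ENTRIES = [
    "128.199.200.38:443",
    "192.163.233.216:6601",
    "43.229.206.244:4125",
]


def parse_c2(entries: List[str]) -> List[Tuple[str, int]]:
    """Validate 'ip:port' strings; a malformed entry raises rather than
    silently becoming a broken or over-broad rule."""
    out: List[Tuple[str, int]] = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in C2 entry {entry!r}")
        ip = ipaddress.ip_address(host)  # raises ValueError on garbage
        port_num = int(port)
        if not 1 <= port_num <= 65535:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        out.append((str(ip), port_num))
    return out


def suricata_rules(c2: List[Tuple[str, int]], botnet: str,
                   base_sid: int = 9000000) -> List[str]:
    """One outbound-connection rule per C2 endpoint.  base_sid is an
    assumption; pick a range that does not collide with your ruleset."""
    rules = []
    for i, (ip, port) in enumerate(c2):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{FAMILY} botnet {botnet} C2 connection {ip}:{port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed log format for the example (not from the report).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) proto=tcp$"
)


def match_connections(lines: List[str],
                      c2: List[Tuple[str, int]]) -> Dict[str, List[str]]:
    """Exact ip:port matches go to 'hit'; same IP on another port goes to
    'review' so an analyst can decide whether the host is shared."""
    exact = set(c2)
    ips = {ip for ip, _ in c2}
    result: Dict[str, List[str]] = {"hit": [], "review": []}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected format; skip rather than guess
        key = (m["dst"], int(m["dport"]))
        if key in exact:
            result["hit"].append(line)
        elif m["dst"] in ips:
            result["review"].append(line)
    return result


# Constructed sample log lines (not from the report).
SAMPLE_LOG = [
    "2021-06-15T10:22:01Z src=10.0.0.5 dst=128.199.200.38 dport=443 proto=tcp",
    "2021-06-15T10:22:05Z src=10.0.0.5 dst=93.184.216.34 dport=443 proto=tcp",
    "2021-06-15T10:23:17Z src=10.0.0.9 dst=192.163.233.216 dport=80 proto=tcp",
    "2021-06-15T10:24:40Z src=10.0.0.7 dst=43.229.206.244 dport=4125 proto=tcp",
]

if __name__ == "__main__":
    endpoints = parse_c2(C2_ENTRIES)
    for rule in suricata_rules(endpoints, BOTNET):
        print(rule)
    for kind, hits in match_connections(SAMPLE_LOG, endpoints).items():
        for line in hits:
            print(kind, line)
```

Run as a script it prints the three rules and then the two exact hits and one review entry from the constructed log; in practice the IP:port pairs should also be checked against proxy and DNS logs, since the config gives no hostnames and the same infrastructure can be reached on other ports.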

Targets

    • Target

      b24fc03ee8b23810b20c204d5403ce1b444a985f32564833bcba77e6459e9b4c

    • Size

      170KB

    • MD5

      d87b993586dd1df0e1de1d01c144ba58

    • SHA1

      19d7f3cd38702541d751b48b195cb3449e2b5c12

    • SHA256

      b24fc03ee8b23810b20c204d5403ce1b444a985f32564833bcba77e6459e9b4c

    • SHA512

      876bdaaac3dedac5c4be44cfee0578513c022b655376dd013a178101408f86736a5360b1cc971f98a6fe925a6312899ef3dbb91f8a544c76168e731f01eee612

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks