General

  • Target

    6d9281c0e5ee80c00b363f1b2277c8aa3b8317cd5e66e8f05eb517408e70d181

  • Size

    172KB

  • Sample

    210615-lbaq2bj4ra

  • MD5

    912a42ae15e66c1149ec8e8be2573447

  • SHA1

    0d64171fe59bbf8b3775f38ca584e0e35a9f3152

  • SHA256

    6d9281c0e5ee80c00b363f1b2277c8aa3b8317cd5e66e8f05eb517408e70d181

  • SHA512

    cb01ef1b564bc02aa7b944136f8184e7166312e30dfe36a9c16f1a8c1370f6f5dbdca11c80004acf459ef31d9c66221804e7e11b4c24bb453745dec6f091b566

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
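The extracted config above is directly usable as a set of network indicators, and the hashes in the General section are what you compare a suspected copy of the sample against. The following is an added example, not part of the Triage report and not Dridex tooling of any kind: it builds an (IP, port) set from the C2 entries listed above, scans constructed connection-log lines (tab-separated ts/src/dst/dport, made up for this example, not real traffic) for matches, and checks a file's digests against the reported ones. The C2 entry on port 443 is the reason to match on IP and port together: port alone would flag every TLS session on the network.

```python
# Added example: turn the Dridex config and hashes from the report into checks.
# Not from the report itself; the log lines below are constructed.
import hashlib
import ipaddress

# Values copied from the extracted config above.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "210.65.244.187:443",
        "162.241.41.92:2303",
        "46.231.204.10:8172",
        "185.183.159.100:4125",
    ],
}

# Digests listed in the General section of the report.
SAMPLE_HASHES = {
    "md5": "912a42ae15e66c1149ec8e8be2573447",
    "sha1": "0d64171fe59bbf8b3775f38ca584e0e35a9f3152",
    "sha256": "6d9281c0e5ee80c00b363f1b2277c8aa3b8317cd5e66e8f05eb517408e70d181",
}


def parse_c2(entries):
    """Return a set of (ip, port) tuples; rejects malformed addresses."""
    out = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ipaddress.ip_address(host)  # raises ValueError on anything that is not an IP
        out.add((host, int(port)))
    return out


def scan_conn_log(lines, c2):
    """Match tab-separated records (ts, src, dst, dport) against the C2 set.

    Both destination IP and port must match: the 210.65.244.187:443 entry
    would otherwise collide with ordinary HTTPS traffic.
    """
    hits = []
    for line in lines:
        ts, src, dst, dport = line.split("\t")
        if (dst, int(dport)) in c2:
            hits.append((ts, src, f"{dst}:{dport}"))
    return hits


def file_hashes(data: bytes):
    """Compute the same digest types the report lists for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every listed digest matches, so a single-algorithm collision is not enough."""
    return file_hashes(data) == SAMPLE_HASHES


# Constructed log lines (not real traffic): ts, src, dst, dport.
# 192.0.2.10 is a documentation address used as benign filler.
CONSTRUCTED_LOG = [
    "1623765001\t10.0.0.5\t210.65.244.187\t443",
    "1623765002\t10.0.0.5\t192.0.2.10\t443",
    "1623765003\t10.0.0.9\t162.241.41.92\t2303",
    "1623765004\t10.0.0.9\t162.241.41.92\t80",
]

if __name__ == "__main__":
    c2_set = parse_c2(DRIDEX_CONFIG["c2"])
    for hit in scan_conn_log(CONSTRUCTED_LOG, c2_set):
        print("dridex C2 contact:", hit)
    print("sample matches report:", matches_report(b"not the sample"))
```

The constructed line to 162.241.41.92 on port 80 is deliberately not a hit: the report lists that host only on 2303, and widening the match to any port on a listed IP is a choice to make consciously, since Dridex C2 hosts are often compromised servers that also serve legitimate traffic.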

Targets

    • Target

      6d9281c0e5ee80c00b363f1b2277c8aa3b8317cd5e66e8f05eb517408e70d181

    • Size

      172KB

    • MD5

      912a42ae15e66c1149ec8e8be2573447

    • SHA1

      0d64171fe59bbf8b3775f38ca584e0e35a9f3152

    • SHA256

      6d9281c0e5ee80c00b363f1b2277c8aa3b8317cd5e66e8f05eb517408e70d181

    • SHA512

      cb01ef1b564bc02aa7b944136f8184e7166312e30dfe36a9c16f1a8c1370f6f5dbdca11c80004acf459ef31d9c66221804e7e11b4c24bb453745dec6f091b566

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks