General

  • Target

    b9de8865ed9d536b6e1a5be1ecb9b9f3dba69dd27b47b5813aa3ce504cdc1597

  • Size

    172KB

  • Sample

    210615-lfnjwbpfwx

  • MD5

    9e3d107532f0d31f235b71455ac39993

  • SHA1

    ecf13382c1c67fa49dcc27240d39df51bfe2af9f

  • SHA256

    b9de8865ed9d536b6e1a5be1ecb9b9f3dba69dd27b47b5813aa3ce504cdc1597

  • SHA512

    b4a947f5e7d0696c151ef7e08fe7e834fc6169a70b0f041d2606b563efafc2314903911ae719ca72baee1cf67a596100636f0ae2fc54e3c2e412db5a52a93ca2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      b9de8865ed9d536b6e1a5be1ecb9b9f3dba69dd27b47b5813aa3ce504cdc1597

    • Size

      172KB

    • MD5

      9e3d107532f0d31f235b71455ac39993

    • SHA1

      ecf13382c1c67fa49dcc27240d39df51bfe2af9f

    • SHA256

      b9de8865ed9d536b6e1a5be1ecb9b9f3dba69dd27b47b5813aa3ce504cdc1597

    • SHA512

      b4a947f5e7d0696c151ef7e08fe7e834fc6169a70b0f041d2606b563efafc2314903911ae719ca72baee1cf67a596100636f0ae2fc54e3c2e412db5a52a93ca2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks