General

  • Target

    eadb0e322c2899bf5eab4d885e9cfcec11c639b7174cac14640a01feb97ecc39

  • Size

    172KB

  • Sample

    210615-lfyhyz6h1e

  • MD5

    b7aac1a115b60e7f1a6e64779652b9e4

  • SHA1

    8a461aac4901b574c8c538cf893aaee0d431082f

  • SHA256

    eadb0e322c2899bf5eab4d885e9cfcec11c639b7174cac14640a01feb97ecc39

  • SHA512

    a1bbab07509ab2f767c1e897a145b4671601433f5e26b4c14151319075e43ee7b90fd59701de5037d80d468c00b1df1eea645d0fedfd8ed4386374fd9533a2cc

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    210.65.244.187:443
    162.241.41.92:2303
    46.231.204.10:8172
    185.183.159.100:4125

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
