General

  • Target

    b7d823356e7540b5df1a4ea06a6d2056612d7bd62b1d4a69614c219b168891ae

  • Size

    172KB

  • Sample

    210615-lvcxykpmwx

  • MD5

    6287d70461d9bafd30a5ced2c78c92aa

  • SHA1

    5ac0e388db8c5f748c374438e977c52e5e3600a0

  • SHA256

    b7d823356e7540b5df1a4ea06a6d2056612d7bd62b1d4a69614c219b168891ae

  • SHA512

    f96ad0f108dc9562c71ba04b775b7db7e0d44c11a76c2319cdfeb71bc988bd03d962e42495fb3236358a79fbcd17c48a108765b994c87af0a8a420ad51c8f976

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets


    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks