General

  • Target

    61d754c51d4824707241d19ff1e2a5704668e827b3c140ce286c05c1d0422a3e

  • Size

    172KB

  • Sample

    210615-mgbpkt76fx

  • MD5

    ccb7d91134d0c4a2cd41cc47fc4a0575

  • SHA1

    0d7c0f0378116020fe8ad8eda3e8610cb87fa3e7

  • SHA256

    61d754c51d4824707241d19ff1e2a5704668e827b3c140ce286c05c1d0422a3e

  • SHA512

    0a593c919eacee8d61ebfbdd75997633b9cde68185b50398f4211b7462116dba6a54ae3eb00db5cf7fcad070e9091bc8b3de6fb596015045016db180eeb98db5

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks