General

  • Target

    52c02d961e50e37f79238681ebac59be7f262d14390fd11592d01822f58337c4

  • Size

    170KB

  • Sample

    210615-mhrcqdcwy2

  • MD5

    552c61b554f4e22f9a21e8fdb9609247

  • SHA1

    d2433af8006127932c4748cb0ffefbda2513c999

  • SHA256

    52c02d961e50e37f79238681ebac59be7f262d14390fd11592d01822f58337c4

  • SHA512

    f86aaee7d859d376dc717a2ebe82975b933bb2c40ea4ca4e640e356d0bd690176ff5fc76a59cc14393c1b7248cabef6bc5d0a456431fbda6117cf6cc494d8bd9

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      52c02d961e50e37f79238681ebac59be7f262d14390fd11592d01822f58337c4

    • Size

      170KB

    • MD5

      552c61b554f4e22f9a21e8fdb9609247

    • SHA1

      d2433af8006127932c4748cb0ffefbda2513c999

    • SHA256

      52c02d961e50e37f79238681ebac59be7f262d14390fd11592d01822f58337c4

    • SHA512

      f86aaee7d859d376dc717a2ebe82975b933bb2c40ea4ca4e640e356d0bd690176ff5fc76a59cc14393c1b7248cabef6bc5d0a456431fbda6117cf6cc494d8bd9

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
