General

  • Target

    9e0f25afbee0cc649e8497cc405d55b6908d3644f175a094b389e610949bc16f

  • Size

    170KB

  • Sample

    210615-n5kwpbq8cn

  • MD5

    4fac2af564080d544c2130cc0db411a1

  • SHA1

    128522b840ef80cbd071f40ec02295c09b0e2c3b

  • SHA256

    9e0f25afbee0cc649e8497cc405d55b6908d3644f175a094b389e610949bc16f

  • SHA512

    a90288df0e26d86713f32a02f21f69d61c7377f72c6f3e1b3b644c84c6cc7d91b92c6adb12d143a9db113085ed48e29b5e74735e19288dba7377a6eb907db1a6

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks