General

  • Target

    8bf3d06e194cf341c2b804929a03fcb2dac25ddc834262c692eb7d3b4a8a2d16

  • Size

    172KB

  • Sample

    210615-nlx5fx44rs

  • MD5

    3bc2e03997661a33ae5583402b03384f

  • SHA1

    2d0224beef2e04f5b789f91ea60f43820e112622

  • SHA256

    8bf3d06e194cf341c2b804929a03fcb2dac25ddc834262c692eb7d3b4a8a2d16

  • SHA512

    37feae5ce49ba6f45029da1838f2d74c82e5c63e9bb5205f387917b5eae99d71f0efa2705f4d3def72b9da0893448f435ab2e4ed62638ee2678a1493f332d0ef

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
