General

  • Target

    b11245fc335ab66b11218be9c3d666f44ebb7b1edf7d15c801317ab47598f095

  • Size

    172KB

  • Sample

    210615-p8ngcrh8jj

  • MD5

    9562e38dd5ec6f61d19d8be316f43223

  • SHA1

    0b6a4cce01f93dcbb9f82b638c457a67149e5b49

  • SHA256

    b11245fc335ab66b11218be9c3d666f44ebb7b1edf7d15c801317ab47598f095

  • SHA512

    09db92dd8f28c8e3021d348dea83b97dc0ada015e4f721344ba7d7a3335a9026050f1020a69cfcbd916039c178bbb1d6e74b1507329e694c2dfa613c1f986ff9

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
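The extracted configuration above (botnet ID, C2 list, sample hashes) is only useful once it is turned into something that can be matched against telemetry. The following is an added example, not part of the original report or of any sandbox tooling: it copies the C2 entries and SHA256 from this page, validates them, and uses them to flag connections in constructed log lines and to emit Suricata-style rules. The log line format ("<timestamp> <src> -> <dst>:<port>") and the rule SIDs are assumptions made for illustration.

```python
"""Turn the Dridex config from the report into matchable IOCs.

Added example. The C2 list, botnet ID and SHA256 are copied from the
report; the log lines and the log format are constructed for illustration.
"""
import hashlib
import ipaddress
import re

# Values copied from the report's "Malware Config" and "General" sections.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "210.65.244.187:443",
        "162.241.41.92:2303",
        "46.231.204.10:8172",
        "185.183.159.100:4125",
    ],
}
SAMPLE_SHA256 = "b11245fc335ab66b11218be9c3d666f44ebb7b1edf7d15c801317ab47598f095"


def parse_c2(entries):
    """Validate 'ip:port' strings into a set of (ip, port) tuples.

    Malformed entries raise ValueError rather than silently matching nothing,
    which is the failure mode that makes a blocklist look like it works.
    """
    c2 = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)      # raises ValueError on garbage
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in {entry!r}")
        c2.add((str(ip), port))
    return c2


# Constructed log lines in a hypothetical netflow/proxy format:
# "<timestamp> <src> -> <dst>:<port>". Not from the report.
SAMPLE_LOG = """\
2021-06-15T10:01:02Z 10.0.0.5 -> 93.184.216.34:443
2021-06-15T10:01:09Z 10.0.0.5 -> 210.65.244.187:443
2021-06-15T10:02:30Z 10.0.0.7 -> 185.183.159.100:4125
2021-06-15T10:02:31Z 10.0.0.7 -> 185.183.159.100:80
"""
LOG_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+)$")


def find_c2_hits(log_text, c2, require_port=True):
    """Return (timestamp, src, 'dst:port') for lines that reach a C2.

    With require_port=True only the exact ip:port pairs from the config match;
    with require_port=False any connection to a C2 host matches, which catches
    traffic to the same infrastructure on a port the config does not list.
    """
    c2_hosts = {ip for ip, _ in c2}
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                          # ignore lines in another format
        ts, src, dst, port = m.groups()
        if (dst, int(port)) in c2 or (not require_port and dst in c2_hosts):
            hits.append((ts, src, f"{dst}:{port}"))
    return hits


def matches_sample(data):
    """True if the given file bytes are exactly the sample in this report."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


def suricata_rules(c2, botnet, base_sid=1000000):
    """Emit one alert rule per C2 endpoint (SID range is an assumption)."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {botnet} C2 {ip}:{port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    c2 = parse_c2(DRIDEX_CONFIG["c2"])
    for hit in find_c2_hits(SAMPLE_LOG, c2):
        print("C2 contact:", hit)
    for rule in suricata_rules(c2, DRIDEX_CONFIG["botnet"]):
        print(rule)
```

Exact ip:port matching is the conservative default, since Dridex C2 nodes here sit on ports like 443 that other hosts also use; the last constructed line (port 80 to a listed C2 IP) is only flagged when require_port is False, which is usually the right call once an IP is known to be attacker infrastructure.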

Targets

    • Target

      b11245fc335ab66b11218be9c3d666f44ebb7b1edf7d15c801317ab47598f095

    • Size

      172KB

    • MD5

      9562e38dd5ec6f61d19d8be316f43223

    • SHA1

      0b6a4cce01f93dcbb9f82b638c457a67149e5b49

    • SHA256

      b11245fc335ab66b11218be9c3d666f44ebb7b1edf7d15c801317ab47598f095

    • SHA512

      09db92dd8f28c8e3021d348dea83b97dc0ada015e4f721344ba7d7a3335a9026050f1020a69cfcbd916039c178bbb1d6e74b1507329e694c2dfa613c1f986ff9

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

MITRE ATT&CK Matrix

Tasks