General

  • Target

    924f0686867dcd57bb3f6a13825b811aeeb6fbf118a96b6c5e66e0d19bc17a18

  • Size

    172KB

  • Sample

    210615-pl6zwndw5s

  • MD5

    be61d5efb85ad3c034e26bdfc7f9dc1d

  • SHA1

    48188cccf8d0e731ad2c95dfc24ff6e5bc92ba03

  • SHA256

    924f0686867dcd57bb3f6a13825b811aeeb6fbf118a96b6c5e66e0d19bc17a18

  • SHA512

    6e2b62204f8e882e27084bc7fdf1fd78d4c0ecdfa17c87020a25f5d017c0d6cdbc52350ca40e8d7334edb3e3b8a428bef95ed3cb6705d954cd0304dee4e62745

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      924f0686867dcd57bb3f6a13825b811aeeb6fbf118a96b6c5e66e0d19bc17a18

    • Size

      172KB

    • MD5

      be61d5efb85ad3c034e26bdfc7f9dc1d

    • SHA1

      48188cccf8d0e731ad2c95dfc24ff6e5bc92ba03

    • SHA256

      924f0686867dcd57bb3f6a13825b811aeeb6fbf118a96b6c5e66e0d19bc17a18

    • SHA512

      6e2b62204f8e882e27084bc7fdf1fd78d4c0ecdfa17c87020a25f5d017c0d6cdbc52350ca40e8d7334edb3e3b8a428bef95ed3cb6705d954cd0304dee4e62745

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks