General

  • Target

    776a4410814e8f901746b6efa728cedca85c15f28c6e5be2f3fb9799c4c802cc

  • Size

    172KB

  • Sample

    210615-qb2fk2mr4e

  • MD5

    8eed041e1f77c340783c69e01d625c7c

  • SHA1

    83cabb5b7e2f7266ccf84ff240ac754d509ebbda

  • SHA256

    776a4410814e8f901746b6efa728cedca85c15f28c6e5be2f3fb9799c4c802cc

  • SHA512

    1156722c25527ff6e619ee07dce19dc4cc04d5bed3bfa97e2b1eb0c10edc15b3a80cc9d876f577dcdc539e3b5b62888872343203ac95cfb6cfd27209da672fe4

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain
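The extracted config above gives the practical detection value of this report: four hard-coded C2 endpoints for botnet 40112. The block below is an added example, not part of the sandbox report, showing how an analyst would turn that list into network IOCs: it parses the `ip:port` entries, emits one Suricata rule per endpoint (rule SIDs are assumed, local-range values), and scans constructed firewall log lines for connections to those endpoints. The log lines, the log format and the `find_c2_hits`/`suricata_rules` helpers are this example's own assumptions; only the four C2 addresses come from the page.

```python
"""
Added example (not from the sandbox report): convert the Dridex C2 list
from the extracted config into IOCs, emit Suricata rules, and scan
constructed firewall log lines for connections to those endpoints.
"""
import ipaddress
import re
from dataclasses import dataclass

# C2 endpoints exactly as listed in the extracted config (botnet 40112).
DRIDEX_C2 = [
    "210.65.244.187:443",
    "162.241.41.92:2303",
    "46.231.204.10:8172",
    "185.183.159.100:4125",
]


@dataclass(frozen=True)
class C2Endpoint:
    ip: str
    port: int


def parse_c2_list(entries):
    """Parse 'ip:port' strings into C2Endpoint objects, validating each IP."""
    result = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ipaddress.ip_address(host)  # raises ValueError on a malformed address
        result.append(C2Endpoint(host, int(port)))
    return result


def suricata_rules(endpoints, base_sid=9000001):
    """One alert rule per endpoint. SIDs are assumed (local 9,000,000+ range)."""
    rules = []
    for i, ep in enumerate(endpoints):
        rules.append(
            f'alert tcp $HOME_NET any -> {ep.ip} {ep.port} '
            f'(msg:"Dridex botnet 40112 C2 {ep.ip}:{ep.port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed firewall-style log lines (assumed format, not from the report).
# Line 3 goes to a C2 IP on a port the config does not list, so exact
# ip:port matching ignores it; an IP-only match would flag it too.
SAMPLE_LOG = """\
2021-06-15T10:02:11Z ALLOW 10.0.0.23:51544 -> 185.183.159.100:4125 proto=tcp
2021-06-15T10:02:12Z ALLOW 10.0.0.23:51545 -> 142.250.74.46:443 proto=tcp
2021-06-15T10:02:15Z ALLOW 10.0.0.40:49210 -> 210.65.244.187:80 proto=tcp
2021-06-15T10:02:16Z ALLOW 10.0.0.40:49211 -> 210.65.244.187:443 proto=tcp
2021-06-15T10:03:01Z DENY  10.0.0.9:50001 -> 46.231.204.10:8172 proto=tcp
"""

LOG_RE = re.compile(r"^(\S+)\s+(ALLOW|DENY)\s+(\S+):(\d+)\s+->\s+(\S+):(\d+)")


def find_c2_hits(log_text, endpoints):
    """Return (timestamp, action, src_ip, dst_ip, dst_port) for every line
    whose destination ip:port exactly matches a known C2 endpoint."""
    wanted = {(ep.ip, ep.port) for ep in endpoints}
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ts, action, src, _sport, dst, dport = m.groups()
        if (dst, int(dport)) in wanted:
            hits.append((ts, action, src, dst, int(dport)))
    return hits


if __name__ == "__main__":
    endpoints = parse_c2_list(DRIDEX_C2)
    for rule in suricata_rules(endpoints):
        print(rule)
    for hit in find_c2_hits(SAMPLE_LOG, endpoints):
        print("C2 contact:", hit)
```

Matching on the exact `ip:port` pair keeps false positives low when a C2 host is a compromised server that also serves legitimate traffic on other ports; loosen to IP-only matching when hunting retrospectively, since Dridex operators rotate ports between configs.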

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.
