General

  • Target

    72487a29a96c83f98ded7b821a2f7caf88e69a9405430fc67e6565d20ff1147b

  • Size

    170KB

  • Sample

    210615-qlzqd2118j

  • MD5

    e88fcae71b18ace1e314040789d5efe6

  • SHA1

    ab2deee7cc91060b09bc5ba8eb847b257008aa35

  • SHA256

    72487a29a96c83f98ded7b821a2f7caf88e69a9405430fc67e6565d20ff1147b

  • SHA512

    55471cb98f02343693575df6f73d8885b33b8c329b79373acc1c7b461dcdf7ef020ca6f4f94d938adddedf1667d9c74b5eaa96e8022bce5efa3c3ae0ebcd81ec

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      72487a29a96c83f98ded7b821a2f7caf88e69a9405430fc67e6565d20ff1147b

    • Size

      170KB

    • MD5

      e88fcae71b18ace1e314040789d5efe6

    • SHA1

      ab2deee7cc91060b09bc5ba8eb847b257008aa35

    • SHA256

      72487a29a96c83f98ded7b821a2f7caf88e69a9405430fc67e6565d20ff1147b

    • SHA512

      55471cb98f02343693575df6f73d8885b33b8c329b79373acc1c7b461dcdf7ef020ca6f4f94d938adddedf1667d9c74b5eaa96e8022bce5efa3c3ae0ebcd81ec

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

MITRE ATT&CK Matrix

Tasks