General

  • Target

    2ee6b4c7aecc803b6f3c994e0eca8fbc294028b0ad5326ce104d2454108bf807

  • Size

    170KB

  • Sample

    210615-r9vkcclbg2

  • MD5

    e1afa34429a7868e7ff46a69f3bbf8e7

  • SHA1

    5fed7c2fd64642757098109ed6349136b9365dff

  • SHA256

    2ee6b4c7aecc803b6f3c994e0eca8fbc294028b0ad5326ce104d2454108bf807

  • SHA512

    4748a5d1475267468be64430f308d0e35408eb8f774ad4436170bbbec3a3696a571dd7913f5b84acf472a156c69a74664b71025ba9af3b9744afc61fbe097ab0

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      2ee6b4c7aecc803b6f3c994e0eca8fbc294028b0ad5326ce104d2454108bf807

    • Size

      170KB

    • MD5

      e1afa34429a7868e7ff46a69f3bbf8e7

    • SHA1

      5fed7c2fd64642757098109ed6349136b9365dff

    • SHA256

      2ee6b4c7aecc803b6f3c994e0eca8fbc294028b0ad5326ce104d2454108bf807

    • SHA512

      4748a5d1475267468be64430f308d0e35408eb8f774ad4436170bbbec3a3696a571dd7913f5b84acf472a156c69a74664b71025ba9af3b9744afc61fbe097ab0

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks