General

  • Target

    7b17b0a80d42e2f35edfa79a885e94b7d7984521c353cea5ccfd811de364c330

  • Size

    172KB

  • Sample

    210615-tm8rr858jn

  • MD5

    0d866c9318d75b0d1407a801a1af1554

  • SHA1

    94bba30214b6e59de024463f4a0d939aedd4a725

  • SHA256

    7b17b0a80d42e2f35edfa79a885e94b7d7984521c353cea5ccfd811de364c330

  • SHA512

    f821e757a8ff6da82807fc838c7840a016911ed5a7de2330d69b6a13af379470f6a91eaed4a1da698e8a2e075f277f14981c691fad580ba3d7042b726b2c0401

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain
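The extracted configuration above is mostly useful as detection input: the four C2 sockets are exact ip:port pairs for botnet 40112, so a match on both fields is high confidence, while a hit on one of the addresses over a different port is worth reviewing but should not be reported as a config match. The following script is an added example, not part of the sandbox report or its tooling: it parses the C2 list as printed in this report, emits one Suricata rule per socket (the sid range is assumed; use your own local range), and runs both exact and ip-only matching over a few constructed firewall log lines.

```python
"""Turn the Dridex (botnet 40112) C2 list from this report into detections.

Added example, not part of the sandbox report. The firewall log lines are
constructed for the demonstration; the Suricata sid range is assumed.
"""
import ipaddress
import re

# C2 endpoints exactly as extracted in the report.
DRIDEX_C2 = [
    "210.65.244.187:443",
    "162.241.41.92:2303",
    "46.231.204.10:8172",
    "185.183.159.100:4125",
]


def parse_c2(entries):
    """Return a set of (ip, port) tuples; malformed entries raise."""
    out = set()
    for e in entries:
        host, _, port = e.rpartition(":")
        ip = ipaddress.ip_address(host)  # rejects hostnames and junk
        p = int(port)
        if not 0 < p <= 65535:
            raise ValueError(f"bad port in {e!r}")
        out.add((str(ip), p))
    return out


def suricata_rules(c2, sid_base=1000001):
    """One outbound rule per C2 socket. sid_base is an assumed local range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet 40112 C2 {ip}:{port}"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


# Constructed syslog-style firewall lines, not taken from the report.
LOG_LINES = """\
2021-06-15T10:02:11Z fw1 ALLOW src=10.0.5.23:51234 dst=210.65.244.187:443 proto=tcp
2021-06-15T10:02:14Z fw1 ALLOW src=10.0.5.23:51240 dst=142.250.74.78:443 proto=tcp
2021-06-15T10:03:02Z fw1 DENY src=10.0.7.9:49152 dst=185.183.159.100:4125 proto=tcp
2021-06-15T10:03:40Z fw1 ALLOW src=10.0.5.23:51301 dst=162.241.41.92:443 proto=tcp
"""

LOG_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dip>[\d.]+):(?P<dport>\d+)")


def match_logs(lines, c2):
    """Split hits into exact (ip AND port from the config) and ip-only.

    162.241.41.92:443 is not in the extracted config (the config lists port
    2303), so it lands in ip_only: flagged for review, not claimed as a
    config match.
    """
    exact, ip_only = [], []
    c2_ips = {ip for ip, _ in c2}
    for line in lines.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        dip, dport = m["dip"], int(m["dport"])
        if (dip, dport) in c2:
            exact.append((m["src"], dip, dport))
        elif dip in c2_ips:
            ip_only.append((m["src"], dip, dport))
    return exact, ip_only


if __name__ == "__main__":
    c2 = parse_c2(DRIDEX_C2)
    print("\n".join(suricata_rules(c2)))
    hits, review = match_logs(LOG_LINES, c2)
    print("exact C2 hits:", hits)
    print("same address, other port (review):", review)
```

Note that a DENY line still counts as a hit: the firewall blocking the connection does not change the fact that a host tried to reach a Dridex C2, and that host is the one to pull for memory triage.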

Targets

    • Target

      7b17b0a80d42e2f35edfa79a885e94b7d7984521c353cea5ccfd811de364c330

    • Size

      172KB

    • MD5

      0d866c9318d75b0d1407a801a1af1554

    • SHA1

      94bba30214b6e59de024463f4a0d939aedd4a725

    • SHA256

      7b17b0a80d42e2f35edfa79a885e94b7d7984521c353cea5ccfd811de364c330

    • SHA512

      f821e757a8ff6da82807fc838c7840a016911ed5a7de2330d69b6a13af379470f6a91eaed4a1da698e8a2e075f277f14981c691fad580ba3d7042b726b2c0401

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks