General

  • Target

    fd23255fa4450bb81f98a429bd716cde40c02323c1f6491a41504b276176bd2c

  • Size

    170KB

  • Sample

    210615-vlb23z2772

  • MD5

    69e4bb5ae12840d289806a5b21f88a75

  • SHA1

    6361bfad1b989d59bbaf5cf5de6e11c8fc03ec20

  • SHA256

    fd23255fa4450bb81f98a429bd716cde40c02323c1f6491a41504b276176bd2c

  • SHA512

    6c57ef04cedce5ce43a0918460286f8daaed661f1db59aaf4957c10ac3e9685c5c3ca98368fb4ce5f69c702a29014606c479167e537189bf6c735f4a897017e3

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
