General

  • Target

    39bdc8e9e14253af296647dd0d9e2f17292d289856909a1d3f0cf03827b20298

  • Size

    170KB

  • Sample

    210615-vspd9c8kwe

  • MD5

    adb77de5d53edc707dc0ab4fb5a4c9d9

  • SHA1

    c82d73b9b3bf40d4170f328765684c64c4e62ba8

  • SHA256

    39bdc8e9e14253af296647dd0d9e2f17292d289856909a1d3f0cf03827b20298

  • SHA512

    7636773b74bac61f5af3d5f7b96aacba636e383446f48b802dfa0f371afee304540f1370655514cad974980b6663912b7c45cc501298ed31c09405f3742afa41

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.

MITRE ATT&CK Matrix

Tasks