General

  • Target

    12cc1b829bb9cbe2c4050f06c0c5d383d73abaa4f70e3dd728124f51b7336627

  • Size

    170KB

  • Sample

    210615-w9bxzjn8bn

  • MD5

    75cadce474b6074571e074e941e7f27a

  • SHA1

    f723bb4cd90a08517581f7dfaf87c21bc50b7b52

  • SHA256

    12cc1b829bb9cbe2c4050f06c0c5d383d73abaa4f70e3dd728124f51b7336627

  • SHA512

    7a85883e36c7aa2e7ac9c85a7f5f98d3921fe8cc47d1dcdd9185da253d59d35ff47f4872c5e90bb81f8e5af8c93b30dd6835136690222ac6eae907538b641e77

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      12cc1b829bb9cbe2c4050f06c0c5d383d73abaa4f70e3dd728124f51b7336627

    • Size

      170KB

    • MD5

      75cadce474b6074571e074e941e7f27a

    • SHA1

      f723bb4cd90a08517581f7dfaf87c21bc50b7b52

    • SHA256

      12cc1b829bb9cbe2c4050f06c0c5d383d73abaa4f70e3dd728124f51b7336627

    • SHA512

      7a85883e36c7aa2e7ac9c85a7f5f98d3921fe8cc47d1dcdd9185da253d59d35ff47f4872c5e90bb81f8e5af8c93b30dd6835136690222ac6eae907538b641e77

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks