General

  • Target

    7223ca685a4ab00030c1bcc99ce27b2c78719b30b441a32bd91cb8c10492b20a

  • Size

    172KB

  • Sample

    210615-we14h37wqa

  • MD5

    b8f5c335b946eff6a81cf60d11c7cab0

  • SHA1

    dc92d16a6bc28a83aa4aca6b9123537c798c3f23

  • SHA256

    7223ca685a4ab00030c1bcc99ce27b2c78719b30b441a32bd91cb8c10492b20a

  • SHA512

    319a603de85414d6448835c27e080ed21113b5defd2396fac507ec971f478e048ed7ef15b92ff96e8bdcee7452ece9d8a9d3e4cca776f09812f8f5dd4d2ca17a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks