General

  • Target

    5140392b840bbc19bd4f0a428e5d8b6f60aaa354b850dd5d0d660a44de363ea4

  • Size

    172KB

  • Sample

    210615-x6sv282jrs

  • MD5

    d0506c9f9158a9ee4ad53dd6a62e8e68

  • SHA1

    326283e2b6f8fe716c951def280418200d8d64df

  • SHA256

    5140392b840bbc19bd4f0a428e5d8b6f60aaa354b850dd5d0d660a44de363ea4

  • SHA512

    fe828d5313b0e9691132d51a963fe77b32dd96ad000a87776fb3e4b3ea161c0b2288ab92deb641c9d34a06092739cea2af01715385112c7120d21b5e66b8dbf4

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      5140392b840bbc19bd4f0a428e5d8b6f60aaa354b850dd5d0d660a44de363ea4

    • Size

      172KB

    • MD5

      d0506c9f9158a9ee4ad53dd6a62e8e68

    • SHA1

      326283e2b6f8fe716c951def280418200d8d64df

    • SHA256

      5140392b840bbc19bd4f0a428e5d8b6f60aaa354b850dd5d0d660a44de363ea4

    • SHA512

      fe828d5313b0e9691132d51a963fe77b32dd96ad000a87776fb3e4b3ea161c0b2288ab92deb641c9d34a06092739cea2af01715385112c7120d21b5e66b8dbf4

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

MITRE ATT&CK Matrix

Tasks