General

  • Target

    bc20a97c8173e3c036e38147636a7a911e9d065fb68b507d306d4d9e07ada140

  • Size

    172KB

  • Sample

    210615-xlanycty6s

  • MD5

    07e8c1848b788ae05fe89c3d3d798af5

  • SHA1

    d3088eb9d24445a0fa6ee657cb75d5afc7fc782b

  • SHA256

    bc20a97c8173e3c036e38147636a7a911e9d065fb68b507d306d4d9e07ada140

  • SHA512

    bacf0ba89e0b3b5181c811feef8ee3395958c3f4c0677715fdaa285e1ebf31a7167ae4c7006bba068d6590b7cfc8401e9335a8a1d1fc78442335bd5e3f4aa3c7

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
rc4.plain

Targets

    • Target

      bc20a97c8173e3c036e38147636a7a911e9d065fb68b507d306d4d9e07ada140

    • Size

      172KB

    • MD5

      07e8c1848b788ae05fe89c3d3d798af5

    • SHA1

      d3088eb9d24445a0fa6ee657cb75d5afc7fc782b

    • SHA256

      bc20a97c8173e3c036e38147636a7a911e9d065fb68b507d306d4d9e07ada140

    • SHA512

      bacf0ba89e0b3b5181c811feef8ee3395958c3f4c0677715fdaa285e1ebf31a7167ae4c7006bba068d6590b7cfc8401e9335a8a1d1fc78442335bd5e3f4aa3c7

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks