General

  • Target

    16944cdee84ed185e87d033754e5bbef54f4e04747f6501cdd9df73633bfb650

  • Size

    172KB

  • Sample

    210615-xsysahpp4a

  • MD5

    7fa1a53f9fc238fe48a62a5e4c41816f

  • SHA1

    fa98779973f0b5b315efba59a6e0d8200c9ea54d

  • SHA256

    16944cdee84ed185e87d033754e5bbef54f4e04747f6501cdd9df73633bfb650

  • SHA512

    eb718516d72919326b05352e48c7477cf66c7dd822336ccef20d7fa9d89d4359e17728ec15572bd364317adbbc28d424c3e84be0a7cf35f6323e0baaf2431b1a

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks