General

  • Target

    c261de8453a08369203f83fb93f13ba9f7237a2b9b99e61dafc8f79bdd129c6b

  • Size

    170KB

  • Sample

    210615-xxsvc9z5y2

  • MD5

    88b8b54c0e778b547765b968443a5b28

  • SHA1

    816f3dcc70bb817086344653192cdfc7ace30ba7

  • SHA256

    c261de8453a08369203f83fb93f13ba9f7237a2b9b99e61dafc8f79bdd129c6b

  • SHA512

    7b8faa6ed6b2e8bf9505375f52f2dc2f08edfa969edc0b47b8ac62fdcc9da2924133afab03ca47fe58d2fd915e056b4c43800537ae9e760305e009985fb6c303

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
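The extracted configuration above (family dridex, botnet 40112, three C2 endpoints) is the part of the report a defender acts on. The following is an added example, not part of the sandbox report, that turns those values into checks: it matches flow-log lines against the C2 list (reporting IP+port hits separately from weaker IP-only hits, since the ports in a Dridex config differ per endpoint), compares a candidate file's hashes against the report's hashes, and emits one Suricata rule per endpoint. The log line format, the log lines themselves, and the sid range are constructed assumptions; the indicator values are copied from the report.

```python
"""Convert the Dridex config extracted above into machine-checkable IOCs.

Added example; not code from the sandbox report. Indicator values are taken
from the report, everything else (log format, log lines, sids) is assumed.
"""
import hashlib
import re
from dataclasses import dataclass

# Hashes of the analysed sample, copied from the report.
SAMPLE_HASHES = {
    "md5": "88b8b54c0e778b547765b968443a5b28",
    "sha1": "816f3dcc70bb817086344653192cdfc7ace30ba7",
    "sha256": "c261de8453a08369203f83fb93f13ba9f7237a2b9b99e61dafc8f79bdd129c6b",
    "sha512": "7b8faa6ed6b2e8bf9505375f52f2dc2f08edfa969edc0b47b8ac62fdcc9da292"
              "4133afab03ca47fe58d2fd915e056b4c43800537ae9e760305e009985fb6c303",
}
# C2 endpoints from the extracted config (family dridex, botnet 40112).
C2_ENDPOINTS = {
    ("128.199.200.38", 443),
    ("192.163.233.216", 6601),
    ("43.229.206.244", 4125),
}

# Constructed, minimal flow-log format (assumption, not a real product format):
# "<ts> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
_FLOW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


@dataclass
class Hit:
    line: str
    reason: str


def match_flow(line):
    """Return a Hit if the destination is a configured C2 endpoint.

    An exact (ip, port) match is the strong signal. A match on IP alone is
    still reported but labelled weaker: the config lists a distinct port per
    host, so another port on the same host is not covered by this report."""
    m = _FLOW_RE.match(line)
    if not m:
        return None  # unparseable line: not a hit, not an error
    dst, dport = m.group("dst"), int(m.group("dport"))
    if (dst, dport) in C2_ENDPOINTS:
        return Hit(line, f"dridex/40112 C2 {dst}:{dport} (ip+port)")
    if any(dst == ip for ip, _ in C2_ENDPOINTS):
        return Hit(line, f"dridex/40112 C2 host {dst} on port {dport} (ip only)")
    return None


def scan(lines):
    """Run match_flow over every line and keep the hits."""
    return [h for h in (match_flow(l) for l in lines) if h]


def match_file(data):
    """Hash file bytes with every algorithm in the report and return the
    names of those whose digest matches. All four should agree for the exact
    sample; a non-empty list means the file is the reported artifact."""
    return [algo for algo, expected in SAMPLE_HASHES.items()
            if hashlib.new(algo, data).hexdigest() == expected]


def suricata_rules(base_sid=9000000):
    """One destination-based alert per C2 endpoint. The 443 endpoint will
    almost certainly carry TLS, so matching on destination rather than
    payload is deliberate. base_sid is a placeholder to pick per deployment."""
    rules = []
    for i, (ip, port) in enumerate(sorted(C2_ENDPOINTS)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet 40112 C2 {ip}:{port}"; flow:to_server; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed log lines (not from the report): one exact hit, one IP-only
# hit, one benign flow, one line that does not parse.
SAMPLE_LOG = [
    "2021-06-15T10:01:02Z 10.0.0.23:49812 -> 128.199.200.38:443 tcp",
    "2021-06-15T10:01:05Z 10.0.0.23:49813 -> 43.229.206.244:8080 tcp",
    "2021-06-15T10:01:09Z 10.0.0.23:49814 -> 93.184.216.34:443 tcp",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit.reason, "<-", hit.line)
    print(match_file(b"not the sample"))  # [] : this blob is not the sample
    for rule in suricata_rules():
        print(rule)
```

Treat the IP-only hits as leads rather than alerts: the same hosting ranges are reused across botnets, and the report only vouches for the listed (IP, port) pairs.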

Targets

    • Target

      c261de8453a08369203f83fb93f13ba9f7237a2b9b99e61dafc8f79bdd129c6b

    • Size

      170KB

    • MD5

      88b8b54c0e778b547765b968443a5b28

    • SHA1

      816f3dcc70bb817086344653192cdfc7ace30ba7

    • SHA256

      c261de8453a08369203f83fb93f13ba9f7237a2b9b99e61dafc8f79bdd129c6b

    • SHA512

      7b8faa6ed6b2e8bf9505375f52f2dc2f08edfa969edc0b47b8ac62fdcc9da2924133afab03ca47fe58d2fd915e056b4c43800537ae9e760305e009985fb6c303

    • Dridex

      Dridex (also known as Bugat/Cridex) is a family of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

MITRE ATT&CK Matrix

Tasks