General

  • Target

    9c09377e461e3ebf4ff3e4ac1032d6284e070e4f1dce3ac87cdc9bad996a5fb5

  • Size

    170KB

  • Sample

    210615-y2aq7qcz82

  • MD5

    7038bf60d38c64e05cf429158339f100

  • SHA1

    c2240d73f5a17000eb89602e6c9d3b1d4f3ed2a9

  • SHA256

    9c09377e461e3ebf4ff3e4ac1032d6284e070e4f1dce3ac87cdc9bad996a5fb5

  • SHA512

    3841a66f73337b4b078541440b1cd7eb38f50235491a5713a78df2e0c63977df1b4cd6d9e5937f6ff99f8fc4ed3af72647664945f322d6c01ffbf5464f2b1199

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      9c09377e461e3ebf4ff3e4ac1032d6284e070e4f1dce3ac87cdc9bad996a5fb5

    • Size

      170KB

    • MD5

      7038bf60d38c64e05cf429158339f100

    • SHA1

      c2240d73f5a17000eb89602e6c9d3b1d4f3ed2a9

    • SHA256

      9c09377e461e3ebf4ff3e4ac1032d6284e070e4f1dce3ac87cdc9bad996a5fb5

    • SHA512

      3841a66f73337b4b078541440b1cd7eb38f50235491a5713a78df2e0c63977df1b4cd6d9e5937f6ff99f8fc4ed3af72647664945f322d6c01ffbf5464f2b1199

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks