General

  • Target

    8b951b6e89e5eebf88f78940838d63dddbdb5865c49212248c289047401094b9

  • Size

    170KB

  • Sample

    210615-yyyd4zhd1x

  • MD5

    4059f5379095b4fcca26e379dd715948

  • SHA1

    baf5cb79c8d41ed2d7164d5499c29557a06056e1

  • SHA256

    8b951b6e89e5eebf88f78940838d63dddbdb5865c49212248c289047401094b9

  • SHA512

    fab5d8341c9cfbf0dfe4666c091ad2edaf600324214d431a0feb691ec6b078f7d970d2174fc0952f2b4d621453cd635bcac253936f05b63400a3423e4d090cc8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Target

      8b951b6e89e5eebf88f78940838d63dddbdb5865c49212248c289047401094b9

    • Size

      170KB

    • MD5

      4059f5379095b4fcca26e379dd715948

    • SHA1

      baf5cb79c8d41ed2d7164d5499c29557a06056e1

    • SHA256

      8b951b6e89e5eebf88f78940838d63dddbdb5865c49212248c289047401094b9

    • SHA512

      fab5d8341c9cfbf0dfe4666c091ad2edaf600324214d431a0feb691ec6b078f7d970d2174fc0952f2b4d621453cd635bcac253936f05b63400a3423e4d090cc8

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks