General

  • Target

    2ec56624428b474112346830f18c7d277f925d3297dbcdf444fef39c48f1f9a0

  • Size

    170KB

  • Sample

    210615-z417xjplma

  • MD5

    df7343b983dee0ecd934b469278e0ca0

  • SHA1

    54dd181e474f841c866242fe5d20fdd107b676be

  • SHA256

    2ec56624428b474112346830f18c7d277f925d3297dbcdf444fef39c48f1f9a0

  • SHA512

    09ae482313d600c9526bb8ccc44ce97290c1cd9748a17ce823b9f7ee2d6ff68337c1a56b98046a4f49afd0b358f9f6a99c44e519b023fc044be265c483e52ee6

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      2ec56624428b474112346830f18c7d277f925d3297dbcdf444fef39c48f1f9a0

    • Size

      170KB

    • MD5

      df7343b983dee0ecd934b469278e0ca0

    • SHA1

      54dd181e474f841c866242fe5d20fdd107b676be

    • SHA256

      2ec56624428b474112346830f18c7d277f925d3297dbcdf444fef39c48f1f9a0

    • SHA512

      09ae482313d600c9526bb8ccc44ce97290c1cd9748a17ce823b9f7ee2d6ff68337c1a56b98046a4f49afd0b358f9f6a99c44e519b023fc044be265c483e52ee6

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks