General

  • Target

    21332d4ca5de1cd02dd3ae07c9d96780158067129c090b1ff59969e04e715c38

  • Size

    170KB

  • Sample

    210615-zetd7439yn

  • MD5

    18e0728fc7343811e9bb14f1ac009653

  • SHA1

    a4235ea2c466985b7ecfea01a76fc5afc4e919ea

  • SHA256

    21332d4ca5de1cd02dd3ae07c9d96780158067129c090b1ff59969e04e715c38

  • SHA512

    aae1a4482eaba1a94c5e994684d0b75b742add6a3483779714d270be4673f379f11d3b46f12dcf7a2179bccc9a2749cdfce5db86df0002f542deb48dfd5f5185

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

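The extracted config above is only useful once it is turned into something a sensor or a triage script can check. The following is an added example for this report, not part of the sandbox output: it parses the Family/Botnet/C2 block exactly as printed above into validated (ip, port) pairs, emits one Suricata rule per C2 endpoint, and verifies a file against the digests the report lists. The config text and hashes are copied from the report; the Suricata rule shape and the SID range are my assumptions.

```python
"""Turn the Dridex config extracted above into checkable indicators.

Added example for this report; it is not part of the sandbox output.
The config text and hashes below are copied from the report; the
Suricata rule format and SID range are assumptions.
"""
import hashlib
import ipaddress

# Constructed from the "Extracted" block of the report above.
REPORT_CONFIG = """\
Family
dridex
Botnet
40112
C2
128.199.200.38:443
192.163.233.216:6601
43.229.206.244:4125
"""

# Digests the report lists for the 170KB sample.
REPORT_HASHES = {
    "md5": "18e0728fc7343811e9bb14f1ac009653",
    "sha1": "a4235ea2c466985b7ecfea01a76fc5afc4e919ea",
    "sha256": "21332d4ca5de1cd02dd3ae07c9d96780158067129c090b1ff59969e04e715c38",
}


def parse_config(text):
    """Parse the Family/Botnet/C2 block into a dict.

    C2 entries are validated as (ip, port) tuples so a typo in the
    report cannot silently become a bad firewall or IDS entry.
    """
    cfg = {"family": None, "botnet": None, "c2": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() in ("family", "botnet", "c2"):
            section = line.lower()
            continue
        if section == "family":
            cfg["family"] = line.lower()
        elif section == "botnet":
            cfg["botnet"] = int(line)
        elif section == "c2":
            host, sep, port = line.rpartition(":")
            if not sep:
                raise ValueError(f"C2 entry without port: {line!r}")
            ip = ipaddress.ip_address(host)  # raises ValueError on a malformed address
            port = int(port)
            if not 0 < port < 65536:
                raise ValueError(f"bad port in C2 entry: {line!r}")
            cfg["c2"].append((str(ip), port))
        else:
            raise ValueError(f"value before any section header: {line!r}")
    return cfg


def suricata_rules(cfg, base_sid=9000000):
    """One alert rule per C2 endpoint (assumed SID range; use your own).

    Two of the three C2s listen on non-standard ports (6601, 4125), and
    Dridex wraps its C2 traffic in TLS, so destination IP and port is
    what a network sensor can realistically match on.
    """
    rules = []
    for i, (ip, port) in enumerate(cfg["c2"]):
        msg = f"{cfg['family']} botnet {cfg['botnet']} C2 {ip}:{port}"
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{msg}"; flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


def check_hashes(data, expected=REPORT_HASHES):
    """Return {digest_name: matched} for a file's bytes.

    Confirms that a file pulled from a share or a quarantine is the same
    sample this report describes, before anyone relies on the config.
    """
    return {
        name: hashlib.new(name, data).hexdigest() == digest.lower()
        for name, digest in expected.items()
    }


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    print(cfg)
    print("\n".join(suricata_rules(cfg)))
    print(check_hashes(b"not the real sample"))
```

Run it against the real sample's bytes to confirm all three digests match before shipping the rules; a mismatch on any one of them means the file is not the artifact this config came from.
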
Targets

    • Target

      21332d4ca5de1cd02dd3ae07c9d96780158067129c090b1ff59969e04e715c38

    • Size

      170KB

    • MD5

      18e0728fc7343811e9bb14f1ac009653

    • SHA1

      a4235ea2c466985b7ecfea01a76fc5afc4e919ea

    • SHA256

      21332d4ca5de1cd02dd3ae07c9d96780158067129c090b1ff59969e04e715c38

    • SHA512

      aae1a4482eaba1a94c5e994684d0b75b742add6a3483779714d270be4673f379f11d3b46f12dcf7a2179bccc9a2749cdfce5db86df0002f542deb48dfd5f5185

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks