General

  • Target: a009821bdcab2d41e6c560800b66c211c2fe8f97a8077e9ce3e8fae79fd8b255

  • Size: 170KB

  • Sample: 210615-zln9xr9fl6

  • MD5: d1f3d62c0fcb8e240d8affad5fa8da7f

  • SHA1: 5e2023dcbb1274c070637c8f65a2e9c6d3e371e6

  • SHA256: a009821bdcab2d41e6c560800b66c211c2fe8f97a8077e9ce3e8fae79fd8b255

  • SHA512: e7532de0eed920c1c53ecf6d0f775a9037bb4ae874680806ca4ce360b3989a9aeb33ee905e30e0959b06fc80dde2ae28474aab58cfbd8d632d6623b86d7688fb

Malware Config

Extracted

  • Family: dridex

  • Botnet: 40112

  • C2:

    128.199.200.38:443

    192.163.233.216:6601

    43.229.206.244:4125

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
