General

  • Target

    c0cb31dc9c72192a5830298bf1dc2c9b7a6de8138aabca07037b878797586849

  • Size

    172KB

  • Sample

    210615-zysrmcltxn

  • MD5

    0d3b54382cc0746153a85d8bf32b6249

  • SHA1

    440c50e4e651bb5421a6cf9b752a35edf5e03e66

  • SHA256

    c0cb31dc9c72192a5830298bf1dc2c9b7a6de8138aabca07037b878797586849

  • SHA512

    17855972b46fd5ae9d4b8605d9dd0957a3bd0b3fc4a7eb2e10a5a07af3de89af8915cdbb141ac1196e205aac34748fa20c58f770de425b5e09a3c153307b7652

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain

Targets

    • Target

      c0cb31dc9c72192a5830298bf1dc2c9b7a6de8138aabca07037b878797586849

    • Size

      172KB

    • MD5

      0d3b54382cc0746153a85d8bf32b6249

    • SHA1

      440c50e4e651bb5421a6cf9b752a35edf5e03e66

    • SHA256

      c0cb31dc9c72192a5830298bf1dc2c9b7a6de8138aabca07037b878797586849

    • SHA512

      17855972b46fd5ae9d4b8605d9dd0957a3bd0b3fc4a7eb2e10a5a07af3de89af8915cdbb141ac1196e205aac34748fa20c58f770de425b5e09a3c153307b7652

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks