General

  • Target

    2c54438f5d99d15e5df3965397e25a0fa17ca7f08d317eb4bf31d1268e10f020

  • Size

    176KB

  • Sample

    210721-71rte91dq2

  • MD5

    397b799c357562c5a8061a39514d7785

  • SHA1

    80d3d5366f47d3462ea9e688f444066d7fce2a24

  • SHA256

    2c54438f5d99d15e5df3965397e25a0fa17ca7f08d317eb4bf31d1268e10f020

  • SHA512

    bbec10e5d321ee33184cb2b450296103333196e0d9b71c7066bdf6ef5ea011210f6c28ada19532cff1ad22df577e7b40a39b2fa1adabb525b91a1b19e097f70b

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

178.238.236.59:443

104.245.52.73:5007

81.0.236.93:13786

rc4.plain

Targets

    • Target

      2c54438f5d99d15e5df3965397e25a0fa17ca7f08d317eb4bf31d1268e10f020

    • Size

      176KB

    • MD5

      397b799c357562c5a8061a39514d7785

    • SHA1

      80d3d5366f47d3462ea9e688f444066d7fce2a24

    • SHA256

      2c54438f5d99d15e5df3965397e25a0fa17ca7f08d317eb4bf31d1268e10f020

    • SHA512

      bbec10e5d321ee33184cb2b450296103333196e0d9b71c7066bdf6ef5ea011210f6c28ada19532cff1ad22df577e7b40a39b2fa1adabb525b91a1b19e097f70b

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks