General

  • Target

    6_mqtrig.dll

  • Size

    180KB

  • Sample

    211020-tztj1ahcg8

  • MD5

    e9111abf76f914c5d8831d39e0fe71e5

  • SHA1

    bba7a5a184577daef489cd5b7d00851e767a5164

  • SHA256

    75adbe053b2e26da9cf6681eddf9b282e8e2c3ee20cfc60bd3ee7fab471dda9b

  • SHA512

    d4728310013f54337abc175a52b79ce8524d42b4d41106a0636bace1dbfb7904b984431c16078118e3e97c1c5ed15f5aa4dba909c32e10041352a72a478a94d2

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

155.138.203.91:443

207.180.220.242:8116

46.101.142.214:6891

rc4.plain

Targets

    • Target

      6_mqtrig.dll

    • Size

      180KB

    • MD5

      e9111abf76f914c5d8831d39e0fe71e5

    • SHA1

      bba7a5a184577daef489cd5b7d00851e767a5164

    • SHA256

      75adbe053b2e26da9cf6681eddf9b282e8e2c3ee20cfc60bd3ee7fab471dda9b

    • SHA512

      d4728310013f54337abc175a52b79ce8524d42b4d41106a0636bace1dbfb7904b984431c16078118e3e97c1c5ed15f5aa4dba909c32e10041352a72a478a94d2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks