General

  • Target

    5_System.Numerics.dll

  • Size

    180KB

  • Sample

    211021-xsjyrsafd8

  • MD5

    4aa41378b7c700010b1a3ec72a588306

  • SHA1

    3d9ca1eb8a16c0350c233f291c399b177cccc980

  • SHA256

    7bbe546e2f5367c00bb05a53f122756098df9c75019167455c3bffa73e11a7e1

  • SHA512

    aa61fce6f9430580cd5c8f4a9b1d7d9781b96371cd4da00a4ed4bf6c16c872b6d20f291663bbd0a8ab84f1ed9e5bd8e2f4558395150f764e94648d9c05d94eee

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain
rc4.plain
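The three C2 endpoints above are the most directly usable indicators in this config. The following Python script is an added example, not part of the sandbox report, that loads those endpoints and matches them against Zeek-style conn.log lines. The log lines are constructed for the demonstration (the 10.0.0.x sources, connection uids C1..C5 and the unrelated 93.184.216.34 destination are all made up); the C2 addresses and botnet ID are the ones extracted above. The `exact_port` switch shows the practical caveat: matching on ip:port pairs is precise, while matching on IP alone catches traffic the config did not list (C2 on port 80 here) at the cost of more noise.

```python
"""Match the Dridex C2 endpoints from the report against connection logs.

Added example, not part of the original sandbox report. The C2 list and
botnet ID come from the extracted config; the log lines are constructed
for this demo and are not real telemetry.
"""
import ipaddress
from dataclasses import dataclass

# Extracted config (botnet 22201) as listed in the report.
DRIDEX_BOTNET = "22201"
DRIDEX_C2 = [
    "212.237.17.99:443",
    "176.28.17.160:6602",
    "51.254.140.238:8333",
]


@dataclass(frozen=True)
class Endpoint:
    ip: ipaddress.IPv4Address
    port: int


def parse_c2(entries):
    """Turn 'ip:port' strings into a set of Endpoint objects.

    Malformed entries raise ValueError rather than silently producing an
    empty watchlist, which would make the detection fail open.
    """
    result = set()
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep or not port.isdigit():
            raise ValueError(f"malformed C2 entry: {entry!r}")
        result.add(Endpoint(ipaddress.IPv4Address(host), int(port)))
    return result


# Constructed conn.log excerpt (tab-separated):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p
SAMPLE_CONN_LOG = """\
1634800001.10\tC1\t10.0.0.5\t49152\t212.237.17.99\t443
1634800002.20\tC2\t10.0.0.5\t49153\t212.237.17.99\t80
1634800003.30\tC3\t10.0.0.7\t49154\t176.28.17.160\t6602
1634800004.40\tC4\t10.0.0.9\t49155\t93.184.216.34\t443
1634800005.50\tC5\t10.0.0.7\t49156\t51.254.140.238\t8333
"""


def find_c2_connections(log_text, c2_entries=DRIDEX_C2, exact_port=True):
    """Return (uid, src, dst, dport) for each connection to a listed C2.

    exact_port=True matches the configured ip:port pairs only.
    exact_port=False flags any connection to a listed IP regardless of
    port; noisier, but useful when hunting for C2 on unlisted ports.
    """
    c2 = parse_c2(c2_entries)
    c2_ips = {e.ip for e in c2}
    hits = []
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # skip blank lines and Zeek header lines
        fields = line.split("\t")
        if len(fields) < 6:
            continue
        _ts, uid, src, _sport, dst, dport = fields[:6]
        try:
            dst_ip, dport = ipaddress.IPv4Address(dst), int(dport)
        except ValueError:
            continue  # non-IPv4 or malformed record
        if exact_port:
            matched = Endpoint(dst_ip, dport) in c2
        else:
            matched = dst_ip in c2_ips
        if matched:
            hits.append((uid, src, str(dst_ip), dport))
    return hits


if __name__ == "__main__":
    for uid, src, dst, dport in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"dridex-c2 botnet={DRIDEX_BOTNET} uid={uid} {src} -> {dst}:{dport}")
```

Run as-is it reports C1, C3 and C5; with `exact_port=False` it also reports C2, the connection to a listed IP on a port the config does not mention.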

Targets

    • Target

      5_System.Numerics.dll

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.
