General

  • Target

    8_hp8500at.dll

  • Size

    180KB

  • Sample

    211021-ydsg2abfap

  • MD5

    f8c801f32b822d210bbb788407ed29cf

  • SHA1

    bc6b2888442a55b42d4aadf563a7383cafe20de5

  • SHA256

    adbd74fa44708c118685b0798bc9e27e0fd50d027a22bbf6328da02875cb18de

  • SHA512

    e5b03e1638ab04fb014683848fd4f4fb417e371b6c182c07e7f9c9589f5c95f774e8d47ad2411c71f1b9027598f10fd4c405539ef1e026953f1a3e9c5612e72f

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

212.237.17.99:443

176.28.17.160:6602

51.254.140.238:8333

rc4.plain

Targets

    • Target

      8_hp8500at.dll

    • Size

      180KB

    • MD5

      f8c801f32b822d210bbb788407ed29cf

    • SHA1

      bc6b2888442a55b42d4aadf563a7383cafe20de5

    • SHA256

      adbd74fa44708c118685b0798bc9e27e0fd50d027a22bbf6328da02875cb18de

    • SHA512

      e5b03e1638ab04fb014683848fd4f4fb417e371b6c182c07e7f9c9589f5c95f774e8d47ad2411c71f1b9027598f10fd4c405539ef1e026953f1a3e9c5612e72f

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Matrix

Tasks