General

  • Target

    efbd76616dc1cd8210a8c54611f4ffa88e635f0f6ded2f8ff48311737635edda

  • Size

    552KB

  • Sample

    211224-ct8naschdp

  • MD5

    63c22ce32346e029fa5a1ec1ae619d0f

  • SHA1

    222cf86c3b59f466292bb734be308cda77c3ddff

  • SHA256

    efbd76616dc1cd8210a8c54611f4ffa88e635f0f6ded2f8ff48311737635edda

  • SHA512

    413efdf48b13d8cd6cb9f799215a7c34588995ba5f48c4db855ad332c3b4b6b7c753ff361d0cd850a728ec68c76b47e96aaac604f3bdb069920d930c422bd0f4

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    144.91.122.102:443

    85.10.248.28:593

    185.4.135.27:5228

    80.211.3.13:8116

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks