General

  • Target

    1673e4051ac262b9a060904896d2655fcd4800f1e33027b092bbd0865b7afcb4

  • Size

    552KB

  • Sample

    211224-l5n8gadfan

  • MD5

    63239bacb15767b8e0a9bbec460f6b11

  • SHA1

    f7bc6748f6a1c5bf4b2f5c6f6129c8580a41667e

  • SHA256

    1673e4051ac262b9a060904896d2655fcd4800f1e33027b092bbd0865b7afcb4

  • SHA512

    0407141c0aa202323914bb618cefb6ca719f6cde2c317897dbd13e3d30af6ccf42c26799414de1a2c529f6eaf1a4103fa6ff96700a19ee0a605b7e052d62ea51

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    144.91.122.102:443

    85.10.248.28:593

    185.4.135.27:5228

    80.211.3.13:8116

  • rc4.plain

Targets

    • Target

      1673e4051ac262b9a060904896d2655fcd4800f1e33027b092bbd0865b7afcb4

    • Size

      552KB

    • MD5

      63239bacb15767b8e0a9bbec460f6b11

    • SHA1

      f7bc6748f6a1c5bf4b2f5c6f6129c8580a41667e

    • SHA256

      1673e4051ac262b9a060904896d2655fcd4800f1e33027b092bbd0865b7afcb4

    • SHA512

      0407141c0aa202323914bb618cefb6ca719f6cde2c317897dbd13e3d30af6ccf42c26799414de1a2c529f6eaf1a4103fa6ff96700a19ee0a605b7e052d62ea51

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks