General

  • Target

    9cb49fcdbed369ce021fda6a44e6f70e76f92824eeaaf37b6838211497a1a737

  • Size

    552KB

  • Sample

    211224-l5nxpscgf3

  • MD5

    b8482d6bb15db46e762b62fd9e80e0b5

  • SHA1

    66a60532a4f1a31ea5ab69f94a509fcad046c134

  • SHA256

    9cb49fcdbed369ce021fda6a44e6f70e76f92824eeaaf37b6838211497a1a737

  • SHA512

    261785d45e72de2f278521c70662e647dda7b0c285145390c11ff9e4a643e0af6bbd5570cefa05bf5b952ff7bb0836fc1f4a46eeffb60602ec72a709968d5627

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    144.91.122.102:443
    85.10.248.28:593
    185.4.135.27:5228
    80.211.3.13:8116

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.