General

  • Target

    435f76ca64f1878237572901d941887a7472bba62a821daf0a39acb4b4ca18f9

  • Size

    552KB

  • Sample

    211224-l5nxpsdfam

  • MD5

    9f3d9662f5600b968ae33403e00e461d

  • SHA1

    84690768447d4507ab18f326b0613b67d3013e35

  • SHA256

    435f76ca64f1878237572901d941887a7472bba62a821daf0a39acb4b4ca18f9

  • SHA512

    119005727985baf4a83f41d8c3a43ff96df64afbc643a113446da10075a32b344ae62b94d4868f4c4070ad3d621a3edc1f099867aee256ac9d204c3d7ec062b4

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

144.91.122.102:443

85.10.248.28:593

185.4.135.27:5228

80.211.3.13:8116

rc4.plain
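The C2 list above is the part of this report a responder actually consumes. As an added example (not part of the sandbox output), the Python below turns the extracted botnet ID and C2 endpoints into Suricata rules and checks a few constructed Zeek conn.log lines against the C2 set, flagging the same host on a different port separately since the four ports in this config already show how arbitrary they are. The SID range, the assumed conn.log field order and the log lines are all assumptions, not data from this sample's run.

```python
import ipaddress
from dataclasses import dataclass

# Values copied from the extracted config above.
BOTNET_ID = 22201
DRIDEX_C2 = {
    ("144.91.122.102", 443),
    ("85.10.248.28", 593),
    ("185.4.135.27", 5228),
    ("80.211.3.13", 8116),
}


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    reason: str


def suricata_rules(c2=DRIDEX_C2, sid_base=9000001):
    """One Suricata rule per C2 endpoint. sid_base is an assumption; use your local SID range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2)):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {BOTNET_ID} C2 {ip}:{port}"; flow:to_server; '
            f"classtype:trojan-activity; sid:{sid_base + i}; rev:1;)"
        )
    return rules


def parse_conn_line(line):
    """Parse a Zeek conn.log style TSV line. Assumed field order:
    ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto. Returns None on junk."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    ts, _uid, src, _sport, dst, dport, proto = fields[:7]
    try:
        ipaddress.ip_address(dst)
        return ts, src, dst, int(dport), proto
    except ValueError:
        return None


def match_conn_log(lines, c2=DRIDEX_C2):
    """Flag TCP connections to the extracted C2 set. An exact ip:port match is
    the strong signal; the same IP on another port is still reported because
    the port is operator-chosen and varies, as the config above shows."""
    c2_ips = {ip for ip, _ in c2}
    hits = []
    for line in lines:
        if line.startswith("#"):
            continue
        rec = parse_conn_line(line)
        if rec is None:
            continue
        ts, src, dst, dport, proto = rec
        if proto != "tcp":
            continue
        if (dst, dport) in c2:
            hits.append(Hit(ts, src, dst, dport, "exact C2 ip:port"))
        elif dst in c2_ips:
            hits.append(Hit(ts, src, dst, dport, "C2 ip, different port"))
    return hits


# Constructed conn.log excerpt for the demo; not traffic from the sandbox run.
SAMPLE_CONN_LOG = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1640342400.1\tCXa1\t10.0.0.15\t49811\t144.91.122.102\t443\ttcp",
    "1640342401.2\tCXa2\t10.0.0.15\t49812\t185.4.135.27\t5228\ttcp",
    "1640342402.3\tCXa3\t10.0.0.15\t49813\t80.211.3.13\t443\ttcp",
    "1640342403.4\tCXa4\t10.0.0.15\t49814\t192.0.2.10\t443\ttcp",
])

if __name__ == "__main__":
    print("\n".join(suricata_rules()))
    for h in match_conn_log(SAMPLE_CONN_LOG.splitlines()):
        print(h)
```

Running the block prints four rules and three hits: two exact C2 matches and one "C2 ip, different port" for 80.211.3.13:443. Treat the IP-only hit as a lead to confirm, not a verdict, since shared hosting can put unrelated services behind the same address.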

Targets

    • Target

      435f76ca64f1878237572901d941887a7472bba62a821daf0a39acb4b4ca18f9

    • Size

      552KB

    • MD5

      9f3d9662f5600b968ae33403e00e461d

    • SHA1

      84690768447d4507ab18f326b0613b67d3013e35

    • SHA256

      435f76ca64f1878237572901d941887a7472bba62a821daf0a39acb4b4ca18f9

    • SHA512

      119005727985baf4a83f41d8c3a43ff96df64afbc643a113446da10075a32b344ae62b94d4868f4c4070ad3d621a3edc1f099867aee256ac9d204c3d7ec062b4

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Matrix

Tasks