General

  • Target

    019e4a2eaa89bbc5dd4dd542baa34e32fde1bd36038b3761aad409dec278e528

  • Size

    512KB

  • Sample

    211231-vr8vdshah7

  • MD5

    e21ad7f48cf6448cb847a955b511374e

  • SHA1

    046cae3fb14e2c40d13fba3c03a0e71c52b1ff4c

  • SHA256

    019e4a2eaa89bbc5dd4dd542baa34e32fde1bd36038b3761aad409dec278e528

  • SHA512

    4775e1dc2de8d00407ba010a21d51bda9a96a988978710350993ba0d480d91d0d066c8a42ead823fd7f7e45b758b9f197a394018965f0f159bb662d408c4408b

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain
rc4.plain

Targets

    • Target

      019e4a2eaa89bbc5dd4dd542baa34e32fde1bd36038b3761aad409dec278e528

    • Size

      512KB

    • MD5

      e21ad7f48cf6448cb847a955b511374e

    • SHA1

      046cae3fb14e2c40d13fba3c03a0e71c52b1ff4c

    • SHA256

      019e4a2eaa89bbc5dd4dd542baa34e32fde1bd36038b3761aad409dec278e528

    • SHA512

      4775e1dc2de8d00407ba010a21d51bda9a96a988978710350993ba0d480d91d0d066c8a42ead823fd7f7e45b758b9f197a394018965f0f159bb662d408c4408b

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

MITRE ATT&CK Matrix

Tasks