General

  • Target

    hu8y3z.rarajbmqczr

  • Size

    476KB

  • Sample

    220611-t4xgfsgbal

  • MD5

    cdf3b326951bd5cd55254e5599302183

  • SHA1

    217316d0d637d818e2d2d22397222d715ed7b64c

  • SHA256

    d0681c030a51811edc6f19b6cc418043ef928e251c681cdf75a05949f932340b

  • SHA512

    e7d0f735dfd665199acbc0a0d409d5494ab9649cd97809cf7727aa8d86f2695fa516f42ad9943d59ff1754629900590081c2d63c38cfc6a856b6a4902f600071

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

23.246.204.126:443

151.106.39.36:8116

103.124.144.123:6891

172.105.78.60:4664

rc4.plain
rc4.plain

Targets

    • Target

      hu8y3z.rarajbmqczr

    • Size

      476KB

    • MD5

      cdf3b326951bd5cd55254e5599302183

    • SHA1

      217316d0d637d818e2d2d22397222d715ed7b64c

    • SHA256

      d0681c030a51811edc6f19b6cc418043ef928e251c681cdf75a05949f932340b

    • SHA512

      e7d0f735dfd665199acbc0a0d409d5494ab9649cd97809cf7727aa8d86f2695fa516f42ad9943d59ff1754629900590081c2d63c38cfc6a856b6a4902f600071

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks