General

  • Target

    IDCRnINaaEmumCkkklgbtq.bin

  • Size

    512KB

  • Sample

    220626-gcbz8ahaep

  • MD5

    915aafdf0d410067666248efe8df8fcf

  • SHA1

    744b92941284e1164b608235b19c8f07f9dc6819

  • SHA256

    c5d21d0bab87488027c50dfe072831c77ff7c12f1c8bc0e5e6e3669a90c96ac3

  • SHA512

    93748ff5ff761150b4b32285515a6f7dea0bfe917c9a85e55849474b8b2392eff0e66d3c02395b3c4e4d77ed61aab00e9c0ff2b6bf09ceb99413f123becfed2c

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

51.159.52.196:443

134.209.247.135:6602

194.233.68.48:5228

89.31.56.58:593

rc4.plain
rc4.plain

Targets

    • Target

      IDCRnINaaEmumCkkklgbtq.bin

    • Size

      512KB

    • MD5

      915aafdf0d410067666248efe8df8fcf

    • SHA1

      744b92941284e1164b608235b19c8f07f9dc6819

    • SHA256

      c5d21d0bab87488027c50dfe072831c77ff7c12f1c8bc0e5e6e3669a90c96ac3

    • SHA512

      93748ff5ff761150b4b32285515a6f7dea0bfe917c9a85e55849474b8b2392eff0e66d3c02395b3c4e4d77ed61aab00e9c0ff2b6bf09ceb99413f123becfed2c

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks