General

  • Target

    Dridex_b06b7b05e576d19367c383aabd9c8fed8cd5e7955e2f1493d326b9b5306c7439.zip

  • Size

    165KB

  • Sample

    220628-r92l9aabdn

  • MD5

    fb2170edd3a07736ff00974a0b7d4c39

  • SHA1

    d8693cdaf2d7ca79faa20d917880d39d87e32e0c

  • SHA256

    66de0e550556441d82d40bb4a45ba88ebf0db4564b3af00d198aa58e4ce042dc

  • SHA512

    eff867ae30dc630afc8f7e1cf858c945959fa6b7923ada0b30f6e6ba172ce7ee2e191adf6ecd591ceeb476e6a574de32af41fc8fd4f9a62468a497c289afe271

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

144.91.122.102:443

85.10.248.28:593

185.4.135.27:5228

80.211.3.13:8116

rc4.plain

Targets

    • Target

      Dridex_b06b7b05e576d19367c383aabd9c8fed8cd5e7955e2f1493d326b9b5306c7439.bin

    • Size

      532KB

    • MD5

      43d4b9318439f6926dfbcf46a5291621

    • SHA1

      06581c15c15cf8345bef1cea5b32fbc7d7d71e03

    • SHA256

      b06b7b05e576d19367c383aabd9c8fed8cd5e7955e2f1493d326b9b5306c7439

    • SHA512

      1cd1903a05030e394056ec5c23f4d08d8959ef349ffeaccbc61feb620724e4555c7e5fae7b40bedcae308681af79b9cb60f4b5d181d4e24d5ec2f547349cbe04

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks