9e84e737e61102145b2dcb56555b64feb6b1920a2bec63f993cd9267c65eebf7

General
Target

9e84e737e61102145b2dcb56555b64feb6b1920a2bec63f993cd9267c65eebf7

Size

160KB

Sample

210421-2qkeh4tc9a

Score
10 /10
MD5

e4efb576694fdf508f930220e66ed930

SHA1

dee42779d1bc1d347ab1c9bdef64ce46d79ca0df

SHA256

9e84e737e61102145b2dcb56555b64feb6b1920a2bec63f993cd9267c65eebf7

SHA512

6da9c8633eebc1008887fa6256e14b86d428e4df295eb5cf5423aba35ce3182571d7945f486003d7cfbace24f86aa0972231cc2d10813c67a7876e8428d56b89

Malware Config

Extracted

Family dridex
Botnet 40111
C2

94.247.168.64:443

159.203.93.122:8172

50.116.27.97:2303

rc4.plain
rc4.plain
Targets
Target

9e84e737e61102145b2dcb56555b64feb6b1920a2bec63f993cd9267c65eebf7

MD5

e4efb576694fdf508f930220e66ed930

Filesize

160KB

Score
10 /10
SHA1

dee42779d1bc1d347ab1c9bdef64ce46d79ca0df

SHA256

9e84e737e61102145b2dcb56555b64feb6b1920a2bec63f993cd9267c65eebf7

SHA512

6da9c8633eebc1008887fa6256e14b86d428e4df295eb5cf5423aba35ce3182571d7945f486003d7cfbace24f86aa0972231cc2d10813c67a7876e8428d56b89

Tags

Signatures

  • Dridex

    Description

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    Tags

  • Dridex Loader

    Description

    Detects Dridex both x86 and x64 loader in memory.

    Tags

  • Checks whether UAC is enabled

    Tags

    TTPs

    System Information Discovery

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1