7970e355deb7489ddd4130bf8097bfb985b62cb29ddd695c98f7d83efb171db7

General

Target: 7970e355deb7489ddd4130bf8097bfb985b62cb29ddd695c98f7d83efb171db7
Size: 161KB
Sample: 210421-5bhbrh9v9s
Score: 10/10
MD5: 881c13da6966824fc5628e664ebc7637
SHA1: 117c98df3eb82e9e9cba99d8d040831778085bb3
SHA256: 7970e355deb7489ddd4130bf8097bfb985b62cb29ddd695c98f7d83efb171db7
SHA512: 7d415a559f424e303567926dae4d76d224fddcbc7b389040ba17340c2c9eac784a924f637f28d0ed634166f5cff09a4fb347ae43aa4f6da9f6afcfc98f8ffb91

Malware Config

Extracted

Family: dridex
Botnet: 40111
C2:
  107.172.227.10:443
  172.93.133.123:2303
  108.168.61.147:8172
rc4.plain
Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description: Detects the Dridex loader (both x86 and x64) in memory.

  • Checks whether UAC is enabled

    TTPs: System Information Discovery

Related Tasks

Tasks: static1