General

  • Target

    dffb2b2f4681001350fb8c0a44f5ffaca7205dd4df9082c6bec3223ed83c8501

  • Size

    162KB

  • Sample

    210421-frctdpesj6

  • MD5

    478b918d9df5c12a06c1fbc90c7da1db

  • SHA1

    7cd24bdaf7de98ff777adbf5500e89d2da6ceb88

  • SHA256

    dffb2b2f4681001350fb8c0a44f5ffaca7205dd4df9082c6bec3223ed83c8501

  • SHA512

    7a892fe6d2fd9d1e325a5fbf94edb730b557db319e2bc0b926a7c2f1af938671c8c30db42cac09800629a2c6cfc4c6b61a818e9e68b044b77139f671033d65cd

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      dffb2b2f4681001350fb8c0a44f5ffaca7205dd4df9082c6bec3223ed83c8501

    • Size

      162KB

    • MD5

      478b918d9df5c12a06c1fbc90c7da1db

    • SHA1

      7cd24bdaf7de98ff777adbf5500e89d2da6ceb88

    • SHA256

      dffb2b2f4681001350fb8c0a44f5ffaca7205dd4df9082c6bec3223ed83c8501

    • SHA512

      7a892fe6d2fd9d1e325a5fbf94edb730b557db319e2bc0b926a7c2f1af938671c8c30db42cac09800629a2c6cfc4c6b61a818e9e68b044b77139f671033d65cd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks