General

  • Target

    3b452ee45ed14fd39e23ea96775a553959cf125a5f3180452050387aaa087630

  • Size

    158KB

  • Sample

    210421-m3degfhnyn

  • MD5

    68d4addbe02cc512d5b9cd2da10ff6d0

  • SHA1

    42cafeba42b3df16e4c0118bf94a49a0af822fed

  • SHA256

    3b452ee45ed14fd39e23ea96775a553959cf125a5f3180452050387aaa087630

  • SHA512

    58afb620bf37afd98eaae1957074a592565e1e37200b052a03cd1d9a5fb3327bf4e8dabf4280b680f9840644be2d4c9e9a5e85e307171d7e05678f3231d9b675

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    94.247.168.64:443

    159.203.93.122:8172

    50.116.27.97:2303

  • rc4.plain

Targets

    • Target

      3b452ee45ed14fd39e23ea96775a553959cf125a5f3180452050387aaa087630

    • Size

      158KB

    • MD5

      68d4addbe02cc512d5b9cd2da10ff6d0

    • SHA1

      42cafeba42b3df16e4c0118bf94a49a0af822fed

    • SHA256

      3b452ee45ed14fd39e23ea96775a553959cf125a5f3180452050387aaa087630

    • SHA512

      58afb620bf37afd98eaae1957074a592565e1e37200b052a03cd1d9a5fb3327bf4e8dabf4280b680f9840644be2d4c9e9a5e85e307171d7e05678f3231d9b675

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks