b8d328a5f5f586f691e447bffdae273ecac21c5a2ef4ad266f1eaa1ff329874b

General
Target

b8d328a5f5f586f691e447bffdae273ecac21c5a2ef4ad266f1eaa1ff329874b

Size

162KB

Sample

210421-sdaxrg1phn

Score
10/10
MD5

458e559c8182cb16612797ce291f9be8

SHA1

e43083dac32ce12310f0c24cddc7828bbab391e5

SHA256

b8d328a5f5f586f691e447bffdae273ecac21c5a2ef4ad266f1eaa1ff329874b

SHA512

6e39562bfa783eb941aefd50759aa9d7c53dc02169fa5bb504e965cf4310c31fd0a61756755845786a42924dabdcbb6aef72a1cfefc5f1aab35ae065661881d6

Malware Config

Extracted

Family dridex
Botnet 40112
C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
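The extracted C2 list above is the part of this report an analyst actually acts on. The following is an added example, not code from the report or from any sandbox vendor: it parses the three C2 endpoints into validated ip:port pairs, scans constructed connection-log lines (Zeek conn.log-like tab layout, made up here, not from the report) for contact with them, and emits one Suricata rule per endpoint. The SID range starting at 9000000 is an arbitrary local choice, not a published rule ID.

```python
import ipaddress
from dataclasses import dataclass

# Dridex config values exactly as listed in this report (botnet ID and C2 endpoints).
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "107.172.227.10:443",
        "172.93.133.123:2303",
        "108.168.61.147:8172",
    ],
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: ipaddress.IPv4Address
    port: int


def parse_c2(entries):
    """Turn 'ip:port' strings into validated endpoints; reject malformed entries loudly."""
    out = []
    for e in entries:
        host, sep, port = e.rpartition(":")
        if not sep or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"malformed C2 entry: {e!r}")
        out.append(C2Endpoint(ipaddress.IPv4Address(host), int(port)))
    return out


# Constructed sample log (not from the report). Tab-separated fields:
# ts, src_ip, src_port, dst_ip, dst_port, proto
SAMPLE_CONN_LOG = """\
1618995125.1\t10.0.0.5\t49812\t107.172.227.10\t443\ttcp
1618995127.4\t10.0.0.5\t49813\t172.93.133.123\t2303\ttcp
1618995130.9\t10.0.0.7\t51000\t108.168.61.147\t80\ttcp
1618995131.2\t10.0.0.9\t51001\t93.184.216.34\t443\ttcp
"""


def match_connections(log_text, endpoints):
    """Return (exact, ip_only): exact ip:port hits, and lower-confidence hits on the IP alone."""
    exact_set = {(ep.ip, ep.port) for ep in endpoints}
    ip_set = {ep.ip for ep in endpoints}
    exact, ip_only = [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src_ip, _src_port, dst_ip, dst_port, _proto = line.split("\t")
        dst = ipaddress.IPv4Address(dst_ip)
        if (dst, int(dst_port)) in exact_set:
            exact.append((ts, src_ip, f"{dst}:{dst_port}"))
        elif dst in ip_set:
            ip_only.append((ts, src_ip, f"{dst}:{dst_port}"))
    return exact, ip_only


def suricata_rules(endpoints, botnet, sid_base=9000000):
    """Emit one alert rule per C2 endpoint; sid_base is an assumed local SID range."""
    rules = []
    for i, ep in enumerate(endpoints):
        rules.append(
            f'alert tcp $HOME_NET any -> {ep.ip} {ep.port} '
            f'(msg:"Dridex botnet {botnet} C2 contact"; flow:to_server; '
            f'classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    eps = parse_c2(EXTRACTED_CONFIG["c2"])
    exact, ip_only = match_connections(SAMPLE_CONN_LOG, eps)
    print("exact C2 hits:", exact)
    print("ip-only hits (review manually):", ip_only)
    for rule in suricata_rules(eps, EXTRACTED_CONFIG["botnet"]):
        print(rule)
```

The exact/ip-only split matters because a Dridex C2 entry on 443 may sit on a host that also serves unrelated traffic; an IP-only hit on a different port is worth a look but should not page anyone on its own, whereas an exact ip:port match to an extracted config is high-confidence.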
Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64, in memory.

  • Checks whether UAC is enabled

    TTPs

    System Information Discovery

Related Tasks

MITRE ATT&CK Matrix

Discovery: System Information Discovery (T1082), from the "Checks whether UAC is enabled" signature. The remaining tactic columns (Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation) have no entries in this report.

Tasks

static1