a9ca9c117e1e1e21a1171945a692b66e3f608dcb6bd20a9f8ece898d21b6157e

General

Target: a9ca9c117e1e1e21a1171945a692b66e3f608dcb6bd20a9f8ece898d21b6157e
Size: 161KB
Sample: 210421-v4bzertyts
Score: 10/10

MD5: 0b093f120751919c403d869b95ca926e
SHA1: 284c13638a7df734fb48deef6d0f93933e6563b6
SHA256: a9ca9c117e1e1e21a1171945a692b66e3f608dcb6bd20a9f8ece898d21b6157e
SHA512: 625ae653f857f106a1130c60265e838ba4b2ad30ca234c204ddfa6f792102296d22ba73368b0afa2c54af55f80bd9a8f0fb9df6b773e50543da2f8abb011b5ce

Malware Config

Extracted

Family: dridex
Botnet: 40111
C2:
  107.172.227.10:443
  172.93.133.123:2303
  108.168.61.147:8172
Keys: rc4.plain (listed twice; the key values are not included in this listing)
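The C2 endpoints above are the most directly actionable part of the extracted config. The following script is an added example, not part of the sandbox report or of any Triage tooling: it copies the three ip:port pairs from the config into an IOC set and matches them against connection-log rows. It assumes a simplified Zeek conn.log-style tab-separated layout (ts, uid, src, sport, dst, dport, proto); the log rows in SAMPLE_CONN_LOG are constructed for the demo. Two caveats a practitioner should carry over: a match on IP plus port is high confidence, a match on the IP alone is only medium confidence because the port is a per-build config value, and the port is never used on its own, since 443 is in the list and would match nearly all TLS traffic.

```python
"""Match the Dridex C2 endpoints from the extracted config against connection logs.

Added example, not part of the sandbox report. The C2 list is copied from the
report's "Malware Config"; the log format and the sample rows are assumptions
constructed for this demo.
"""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Iterable, List, Optional, Set, Tuple

# C2 endpoints exactly as listed under "Malware Config" in the report.
DRIDEX_C2: Set[Tuple[str, int]] = {
    ("107.172.227.10", 443),
    ("172.93.133.123", 2303),
    ("108.168.61.147", 8172),
}


@dataclass(frozen=True)
class Conn:
    ts: str
    uid: str
    src: str
    src_port: int
    dst: str
    dst_port: int
    proto: str


@dataclass(frozen=True)
class Hit:
    conn: Conn
    confidence: str  # "high" = ip and port match, "medium" = ip only


def parse_conn_line(line: str) -> Optional[Conn]:
    """Parse one simplified Zeek conn.log-style TSV row (assumed layout):
    ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
    Returns None for comments, blank lines and malformed rows.
    """
    line = line.rstrip("\n")
    if not line or line.startswith("#"):
        return None
    parts = line.split("\t")
    if len(parts) < 7:
        return None
    try:
        ip_address(parts[2])  # reject rows whose addresses are not valid IPs
        ip_address(parts[4])
        return Conn(parts[0], parts[1], parts[2], int(parts[3]),
                    parts[4], int(parts[5]), parts[6])
    except ValueError:
        return None


def match_c2(lines: Iterable[str], c2: Set[Tuple[str, int]] = DRIDEX_C2) -> List[Hit]:
    """Flag connections to the listed C2 endpoints.

    An exact (ip, port) match is high confidence. A match on the IP alone is
    medium confidence: the port comes from this sample's config and can differ
    between Dridex builds. The port is never matched on its own, because 443
    is in the list and would flag nearly all TLS traffic.
    """
    hosts = {ip for ip, _ in c2}
    hits: List[Hit] = []
    for line in lines:
        conn = parse_conn_line(line)
        if conn is None or conn.dst not in hosts:
            continue
        confidence = "high" if (conn.dst, conn.dst_port) in c2 else "medium"
        hits.append(Hit(conn, confidence))
    return hits


# Constructed sample log (not from the report). Non-C2 addresses use
# documentation ranges (TEST-NET) so nothing here points at a real host.
SAMPLE_CONN_LOG = [
    "1618962001.10\tCx1aA\t10.0.0.5\t49210\t107.172.227.10\t443\ttcp",   # exact C2 match
    "1618962002.20\tCx2bB\t10.0.0.5\t49211\t203.0.113.10\t443\ttcp",     # ordinary TLS, same port
    "1618962003.30\tCx3cC\t10.0.0.7\t49300\t172.93.133.123\t2303\ttcp",  # exact C2 match
    "1618962004.40\tCx4dD\t10.0.0.9\t49301\t108.168.61.147\t80\ttcp",    # C2 host, unexpected port
    "1618962005.50\tCx5eE\t10.0.0.9\t49302\t192.0.2.53\t53\tudp",        # unrelated DNS
]

if __name__ == "__main__":
    for hit in match_c2(SAMPLE_CONN_LOG):
        c = hit.conn
        print(f"{hit.confidence:6} {c.src}:{c.src_port} -> {c.dst}:{c.dst_port} ({c.uid})")
```

Running the script against the constructed rows yields two high-confidence hits (the 443 and 2303 connections) and one medium-confidence hit for the 108.168.61.147 host on port 80; the TLS connection to an unrelated host on 443 is correctly ignored.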
Signatures

  • Dridex
    Description: Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

  • Dridex Loader
    Description: Detects the Dridex loader (x86 and x64 builds) in memory.

  • Checks whether UAC is enabled
    TTPs: System Information Discovery

Related Tasks: none listed in this report.

MITRE ATT&CK Matrix

System Information Discovery (T1082), mapped from the "Checks whether UAC is enabled" signature. No other techniques are mapped in this report.

Tasks

static1