General

  • Target

    d55ecfe1dc687fc0e7a01e459685c3d25e4d9a280ece82da7dc6e7838fe1121a

  • Size

    162KB

  • Sample

    210421-whh85khzes

  • MD5

    e167a98b81366d62a7267b5ff6f37c7e

  • SHA1

    e2daaee7694e3c997b49427de30a28ce11f085af

  • SHA256

    d55ecfe1dc687fc0e7a01e459685c3d25e4d9a280ece82da7dc6e7838fe1121a

  • SHA512

    308c94d846147ff167fe0d03489ddea2ec8848d607def324584cb1c661be07164359294d84390db3c1af8f2e122e732bfae9b23360923f9ddc429e55a8aaa966

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      d55ecfe1dc687fc0e7a01e459685c3d25e4d9a280ece82da7dc6e7838fe1121a

    • Size

      162KB

    • MD5

      e167a98b81366d62a7267b5ff6f37c7e

    • SHA1

      e2daaee7694e3c997b49427de30a28ce11f085af

    • SHA256

      d55ecfe1dc687fc0e7a01e459685c3d25e4d9a280ece82da7dc6e7838fe1121a

    • SHA512

      308c94d846147ff167fe0d03489ddea2ec8848d607def324584cb1c661be07164359294d84390db3c1af8f2e122e732bfae9b23360923f9ddc429e55a8aaa966

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks