42d6ad1fbeb85debfa73b337c09db9764f2a13630046caf49120a71b35b42a54

General

Target   42d6ad1fbeb85debfa73b337c09db9764f2a13630046caf49120a71b35b42a54
Size     162KB
Sample   210421-x3lmr9l94j
Score    10/10
MD5      492b1c2ee16b933ae5f927186d8329ec
SHA1     6322da8b75ce7197bf24aa03063fe6a18ec2f331
SHA256   42d6ad1fbeb85debfa73b337c09db9764f2a13630046caf49120a71b35b42a54
SHA512   16fc0239ef86801974f4a77b76f6f853568cd506bb110567d1ed2f06803219ee817e40c0234b8f08ac565ec68a651f3b0bc9242eb33fcc2bdab72027bb698367
Malware Config

Extracted

Family   dridex
Botnet   40112
C2       107.172.227.10:443
         172.93.133.123:2303
         108.168.61.147:8172
Keys     rc4.plain
         rc4.plain
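The extracted config above is directly actionable: the botnet ID and the three C2 endpoints (note the non-standard ports 2303 and 8172) can be turned into network indicators. The block below is an added example, not part of the sandbox report or of any tool it describes. It parses the C2 list, scans a few constructed firewall log lines (not from the report) for traffic to those endpoints, flags traffic to a C2 address on a different port separately so an analyst can triage it, and emits Suricata rules for the endpoints. The log format, the field names and the SID range 9000000+ are assumptions for illustration.

```python
import ipaddress
import re

# Values copied from the "Extracted" config in this report.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": ["107.172.227.10:443", "172.93.133.123:2303", "108.168.61.147:8172"],
}

# Constructed sample firewall log lines (assumed key=value format, not from the report).
SAMPLE_LOGS = [
    "2021-04-21T10:02:11Z src=10.0.5.23 dst=107.172.227.10 dport=443 proto=tcp action=allow",
    "2021-04-21T10:02:12Z src=10.0.5.23 dst=93.184.216.34 dport=443 proto=tcp action=allow",
    "2021-04-21T10:03:40Z src=10.0.7.9 dst=172.93.133.123 dport=2303 proto=tcp action=allow",
    "2021-04-21T10:04:01Z src=10.0.7.9 dst=108.168.61.147 dport=80 proto=tcp action=allow",
]


def parse_c2(entries):
    """Turn 'ip:port' strings into a set of (ip, port) tuples, validating both parts."""
    indicators = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on a malformed address
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in {entry!r}")
        indicators.add((str(ip), port))
    return indicators


LOG_RE = re.compile(r"dst=(?P<dst>\S+)\s+dport=(?P<dport>\d+)")


def scan_logs(lines, indicators, match_ip_only=True):
    """Return (line, reason) pairs.

    'c2'    : destination ip:port matches an extracted C2 endpoint exactly.
    'c2-ip' : destination IP is a C2 address but on another port (only when
              match_ip_only is True); worth a look, since C2 ports rotate.
    """
    ips = {ip for ip, _ in indicators}
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        key = (m["dst"], int(m["dport"]))
        if key in indicators:
            hits.append((line, "c2"))
        elif match_ip_only and key[0] in ips:
            hits.append((line, "c2-ip"))
    return hits


def suricata_rules(config, sid_base=9000000):
    """Emit one Suricata rule per C2 endpoint; sid_base is an assumed local SID range."""
    rules = []
    for i, (ip, port) in enumerate(sorted(parse_c2(config["c2"]))):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"{config["family"]} botnet {config["botnet"]} C2 {ip}:{port}"; '
            f"flow:to_server; classtype:trojan-activity; sid:{sid_base + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    iocs = parse_c2(DRIDEX_CONFIG["c2"])
    for line, reason in scan_logs(SAMPLE_LOGS, iocs):
        print(reason, line)
    print("\n".join(suricata_rules(DRIDEX_CONFIG)))
```

Matching on the IP alone (the `c2-ip` reason) is deliberately kept as a separate, lower-confidence class: Dridex C2 hosts are frequently reused across configs with different ports, so an exact ip:port miss is not proof of benign traffic.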
Targets

Target   42d6ad1fbeb85debfa73b337c09db9764f2a13630046caf49120a71b35b42a54
Signatures

  • Dridex

    Description: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Loader

    Description: Detects the Dridex x86 and x64 loader in memory.

  • Checks whether UAC is enabled

    TTPs: System Information Discovery

Related Tasks

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1