63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

General
Target

63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

Size

162KB

Sample

210504-bnchrjfchx

Score
10/10
MD5

0c75a36b5756990800d354cc61af7918

SHA1

d827a615fcfadb71df0655bfbbc72bb64a9682db

SHA256

63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

SHA512

2728a9bb0d0ab30d190b3cb222b75a33578494a1f9f69441376d16de97ccf07af7175bf9abfc45f90056ac147928c680a6707267dd4dfe98fa7885f3380ac2da

Malware Config

Extracted

Family dridex
Botnet 40112
C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
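The extracted config above (botnet 40112 and three C2 endpoints) is what a responder turns into detections. The block below is an added example, not sandbox output and not Dridex code: it parses the C2 list into IP/port pairs, matches them against a constructed Zeek-style conn.log excerpt, and emits one Suricata rule per endpoint. The log lines and the SID range are constructed for illustration. A connection to a C2 IP on a port that is not in the config is still reported, with exact set to False, so the analyst can weigh it rather than have the match silently dropped.

```python
"""Turn the extracted Dridex config above into IOCs and match them.

Added example, not sandbox output or Dridex code. The C2 list and botnet
ID are copied from the extracted config on this page; everything else
(log lines, SIDs) is constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Copied from the extracted config above.
BOTNET_ID = "40112"
C2_ENDPOINTS = [
    "107.172.227.10:443",
    "172.93.133.123:2303",
    "108.168.61.147:8172",
]


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_c2(entries):
    """Parse "ip:port" strings into C2 records, rejecting malformed entries."""
    out = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep or not port.isdigit():
            raise ValueError(f"bad C2 entry: {entry!r}")
        ipaddress.ip_address(host)  # raises ValueError if host is not an IP
        out.append(C2(host, int(port)))
    return out


# Constructed Zeek conn.log excerpt (tab-separated):
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
SAMPLE_CONN_LOG = """\
1620000001.1\tCx1\t10.0.0.5\t51234\t107.172.227.10\t443\ttcp
1620000002.2\tCx2\t10.0.0.5\t51235\t93.184.216.34\t443\ttcp
1620000003.3\tCx3\t10.0.0.7\t51236\t172.93.133.123\t2303\ttcp
1620000004.4\tCx4\t10.0.0.9\t51237\t108.168.61.147\t80\ttcp
"""


def match_conn_log(log_text, c2s):
    """Return hits on C2 IPs; 'exact' is False when only the IP matched."""
    by_ip = {c.ip: c for c in c2s}
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) < 6:
            continue
        resp_h, resp_p = fields[4], int(fields[5])
        c2 = by_ip.get(resp_h)
        if c2 is None:
            continue
        hits.append({
            "uid": fields[1], "src": fields[2],
            "dst": resp_h, "port": resp_p, "exact": resp_p == c2.port,
        })
    return hits


def suricata_rules(c2s, sid_base=9000000):
    """Emit one Suricata rule per C2 endpoint; sid_base is a constructed range."""
    return [
        f'alert tcp $HOME_NET any -> {c.ip} {c.port} '
        f'(msg:"Dridex botnet {BOTNET_ID} C2 {c.ip}:{c.port}"; '
        f'flow:to_server; classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        for i, c in enumerate(c2s)
    ]


if __name__ == "__main__":
    c2s = parse_c2(C2_ENDPOINTS)
    for hit in match_conn_log(SAMPLE_CONN_LOG, c2s):
        print(hit)
    print("\n".join(suricata_rules(c2s)))
```

The rules pin both IP and port because that is what the config states; if you want to catch the IP-only case at the sensor as well, add a second, lower-confidence rule per host with `any` as the destination port.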
Targets
Target

63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

Signatures

  • Dridex

    Description

    Dridex (also known as Bugat/Cridex) is malware that specializes in stealing banking credentials.

  • Dridex Loader

    Description

    Detects the Dridex loader, both x86 and x64 builds, in memory.

  • Checks whether UAC is enabled

    Description

    Sandbox signatures for this behaviour typically key on a read of the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, where 0 means UAC is turned off.

    TTPs

    System Information Discovery
