General

  • Target

    63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

  • Size

    162KB

  • Sample

    210504-bnchrjfchx

  • MD5

    0c75a36b5756990800d354cc61af7918

  • SHA1

    d827a615fcfadb71df0655bfbbc72bb64a9682db

  • SHA256

    63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

  • SHA512

    2728a9bb0d0ab30d190b3cb222b75a33578494a1f9f69441376d16de97ccf07af7175bf9abfc45f90056ac147928c680a6707267dd4dfe98fa7885f3380ac2da

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

    • Size

      162KB

    • MD5

      0c75a36b5756990800d354cc61af7918

    • SHA1

      d827a615fcfadb71df0655bfbbc72bb64a9682db

    • SHA256

      63caacf26251742dc5080d8e97ef560e051ca34dee205e39b2369f670d572f60

    • SHA512

      2728a9bb0d0ab30d190b3cb222b75a33578494a1f9f69441376d16de97ccf07af7175bf9abfc45f90056ac147928c680a6707267dd4dfe98fa7885f3380ac2da

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks