4c0ad7846b6327e680f4c4084eace169c52c701546f59ba428d1f1e01214540a

General
Target

4c0ad7846b6327e680f4c4084eace169c52c701546f59ba428d1f1e01214540a

Size

158KB

Sample

210504-g4pzy8mmls

Score
10 /10
MD5

b1aa4a5139a25832d420db0e297b62b1

SHA1

c3e53995cfb1518b4460f13dcf0c269d95fd1bad

SHA256

4c0ad7846b6327e680f4c4084eace169c52c701546f59ba428d1f1e01214540a

SHA512

ba01784648e5cd52871501d6acd958c14c6df5c7d937afb45d1de44cf8356cd74eff27704100798347478040c255076e58cd50bed0cd386cdf09b1ebe1748230

Malware Config

Extracted

Family dridex
Botnet 40111
C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain
Targets
Target

4c0ad7846b6327e680f4c4084eace169c52c701546f59ba428d1f1e01214540a

MD5

b1aa4a5139a25832d420db0e297b62b1

Filesize

158KB

Score
10 /10
SHA1

c3e53995cfb1518b4460f13dcf0c269d95fd1bad

SHA256

4c0ad7846b6327e680f4c4084eace169c52c701546f59ba428d1f1e01214540a

SHA512

ba01784648e5cd52871501d6acd958c14c6df5c7d937afb45d1de44cf8356cd74eff27704100798347478040c255076e58cd50bed0cd386cdf09b1ebe1748230

Tags

Signatures

  • Dridex

    Description

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    Tags

  • Dridex Loader

    Description

    Detects Dridex both x86 and x64 loader in memory.

    Tags

  • Checks whether UAC is enabled

    Tags

    TTPs

    System Information Discovery

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1