General

  • Target

    abc06eb5cd620d049597411e55f95fdb78510afdb4fe82922f5357c78fd54bf6

  • Size

    162KB

  • Sample

    210511-31nsmb21m2

  • MD5

    f042e82967f0a7551315c33ac65dd7c1

  • SHA1

    6dd5dfbd4b1b1081c2805eeeb284a59876086731

  • SHA256

    abc06eb5cd620d049597411e55f95fdb78510afdb4fe82922f5357c78fd54bf6

  • SHA512

    db4bc9dd9ac279d567412f089a19d8a3c9a41cca23a4cbd0ebf4ecec26c7b87a3e21e5a8b3b5b94650bc2098d1c5da84280e772761d18264533085845883b66d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      abc06eb5cd620d049597411e55f95fdb78510afdb4fe82922f5357c78fd54bf6

    • Size

      162KB

    • MD5

      f042e82967f0a7551315c33ac65dd7c1

    • SHA1

      6dd5dfbd4b1b1081c2805eeeb284a59876086731

    • SHA256

      abc06eb5cd620d049597411e55f95fdb78510afdb4fe82922f5357c78fd54bf6

    • SHA512

      db4bc9dd9ac279d567412f089a19d8a3c9a41cca23a4cbd0ebf4ecec26c7b87a3e21e5a8b3b5b94650bc2098d1c5da84280e772761d18264533085845883b66d

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery (T1082)

Tasks