General

  • Target

    01d434569913a059035155e7ffab6c028b39723c8720683c9a01f37c4c482c81

  • Size

    162KB

  • Sample

    210615-5ajhb3shan

  • MD5

    5506c4ead2c1ed590cb3809f5352d6a6

  • SHA1

    4ae4af2a2a4cca816d6f44b7b7b0b273d681924e

  • SHA256

    01d434569913a059035155e7ffab6c028b39723c8720683c9a01f37c4c482c81

  • SHA512

    63b40e4deb5b2bbb4ecc84b9a68da55602dba9c931b6d64ebf82f865fe1f2f0efb7f6ab165787e11b75046d1d13a1eae4e4e5b67941303ebfe66eb93261a7b96

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
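The three C2 endpoints above are the most directly actionable items in this report. As an added example (not part of the report and not sandbox tooling), the following Python matches connection-log lines against those ip:port pairs. An exact ip:port match is treated as a confirmed hit; traffic to one of the same IPs on a different port is reported separately as a weaker lead, since shared hosting means the IP alone is not proof. The log format and the log lines are constructed for the example.

```python
"""Match connection logs against the Dridex C2 list from this report."""
import ipaddress
import re
from dataclasses import dataclass

# C2 endpoints as extracted in the report (botnet 40112).
DRIDEX_C2 = {
    ("107.172.227.10", 443),
    ("172.93.133.123", 2303),
    ("108.168.61.147", 8172),
}

# Constructed sample log lines (not from the report). Assumed format:
# "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
SAMPLE_LOG = """\
2021-06-15T05:01:02Z 10.0.0.15:49211 -> 107.172.227.10:443 tcp
2021-06-15T05:01:03Z 10.0.0.15:49212 -> 142.250.74.78:443 tcp
2021-06-15T05:01:09Z 10.0.0.22:50111 -> 172.93.133.123:2303 tcp
2021-06-15T05:01:11Z 10.0.0.22:50112 -> 172.93.133.123:80 tcp
2021-06-15T05:02:00Z 10.0.0.40:51000 -> 108.168.61.147:8172 tcp
this line is malformed and must be skipped, not crash the scan
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)$"
)


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    exact: bool  # True: ip:port pair matched; False: only the IP matched


def match_line(line, c2=DRIDEX_C2):
    """Return a Hit for one log line, or None if it is clean or unparseable."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    dst, dport = m["dst"], int(m["dport"])
    try:
        ipaddress.ip_address(dst)  # reject things like "1.2.3" that the regex lets through
    except ValueError:
        return None
    if (dst, dport) in c2:
        return Hit(m["ts"], m["src"], dst, dport, exact=True)
    if dst in {ip for ip, _ in c2}:
        return Hit(m["ts"], m["src"], dst, dport, exact=False)
    return None


def scan(text, c2=DRIDEX_C2):
    """Scan a whole log; malformed lines are skipped rather than raising."""
    hits = (match_line(line, c2) for line in text.splitlines())
    return [h for h in hits if h is not None]


def confirmed_hosts(hits):
    """Internal sources with an exact ip:port match, i.e. hosts to isolate first."""
    return sorted({h.src for h in hits if h.exact})


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        tag = "C2" if h.exact else "C2-IP-only"
        print(f"{h.ts} {h.src} -> {h.dst}:{h.dport} [{tag}]")
    print("isolate:", confirmed_hosts(scan(SAMPLE_LOG)))
```

Port-less matches are reported so an analyst can look at them, but only exact pairs feed the isolation list; if the C2 list is later extended, only the `DRIDEX_C2` set needs to change.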

Targets

    • Target

      01d434569913a059035155e7ffab6c028b39723c8720683c9a01f37c4c482c81

    • Size

      162KB

    • MD5

      5506c4ead2c1ed590cb3809f5352d6a6

    • SHA1

      4ae4af2a2a4cca816d6f44b7b7b0b273d681924e

    • SHA256

      01d434569913a059035155e7ffab6c028b39723c8720683c9a01f37c4c482c81

    • SHA512

      63b40e4deb5b2bbb4ecc84b9a68da55602dba9c931b6d64ebf82f865fe1f2f0efb7f6ab165787e11b75046d1d13a1eae4e4e5b67941303ebfe66eb93261a7b96

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader (x86 and x64) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks