General

  • Target

    b46403a1430c05d91007a56a0cffb82435143e70045a26ac718ba006631cf3d0

  • Size

    162KB

  • Sample

    210615-5zffycpqze

  • MD5

    94294bbe26100d729f17bbc6c611fac2

  • SHA1

    67b2f5fedfc7dcb23b5a13ce017d590d10f65d49

  • SHA256

    b46403a1430c05d91007a56a0cffb82435143e70045a26ac718ba006631cf3d0

  • SHA512

    3edd55da02a885145c07872f8a26ca5f827fbcd5166838ba95da58708872e60ab83edc02d1909f6bfd88e77203b78ec35b7a7d14e5864e776610054faf1b446d

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks