General

  • Target

    5c770ad5404e6bb01056318252ef80192eb33667a7796f4cf878e59a771c8f29

  • Size

    162KB

  • Sample

    210615-c8tbwsbmta

  • MD5

    10df05cd9a52e51c70d9db09aab27f30

  • SHA1

    86548279d9782656d5c4e60f881fb90f68271ef4

  • SHA256

    5c770ad5404e6bb01056318252ef80192eb33667a7796f4cf878e59a771c8f29

  • SHA512

    d2bea891c199539ea9393b041768fe2e5618da432efe6deb4b9fc22646ba1f1fd627b79669b71600c220de7434d942db415888f9ba6ea490a32abe3a6db9e1d6

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      5c770ad5404e6bb01056318252ef80192eb33667a7796f4cf878e59a771c8f29

    • Size

      162KB

    • MD5

      10df05cd9a52e51c70d9db09aab27f30

    • SHA1

      86548279d9782656d5c4e60f881fb90f68271ef4

    • SHA256

      5c770ad5404e6bb01056318252ef80192eb33667a7796f4cf878e59a771c8f29

    • SHA512

      d2bea891c199539ea9393b041768fe2e5618da432efe6deb4b9fc22646ba1f1fd627b79669b71600c220de7434d942db415888f9ba6ea490a32abe3a6db9e1d6

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks