General

  • Target

    d39a6c3dd2152739833df1208ab5424249906fac943c7173c5e5a7b564ba936d

  • Size

    162KB

  • Sample

    210615-l6yg7sns82

  • MD5

    4c7a9546b94b23e9892cf0d85f6c98a0

  • SHA1

    fb6e6d874bd585e194598f3d05f793b733c8c64f

  • SHA256

    d39a6c3dd2152739833df1208ab5424249906fac943c7173c5e5a7b564ba936d

  • SHA512

    dcbffb04feb2f4ce253105d51fd4a4515ab1a76471efd8587dfb260bc802344ad85942f57eaf6e6dcf99e59abb06b7f9fd1814dd1f2fd7d2f3475c53aab897c1

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
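
The extracted config above (family, botnet ID and three C2 endpoints) is the part of this report a defender acts on. The script below is an added example, not part of the sandbox report or of the Dridex extractor: it parses the config text exactly as laid out on this page, validates each C2 entry (public IPv4, sane port), and emits Suricata rules plus a plain ip:port blocklist. The rule SIDs, msg strings and the private/loopback filter are assumptions chosen for illustration; the RC4 keys are not shown on the page and are not handled here.

```python
"""Turn the extracted Dridex config from this report into network IOCs.

Added example, not part of the sandbox report. CONFIG_TEXT is a copy of the
config block shown on the page; the Suricata SIDs and msg strings are
assumed values chosen for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Config block as it appears in the report (constructed copy of the page text).
CONFIG_TEXT = """\
Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172
"""

C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


@dataclass
class DridexConfig:
    family: str
    botnet: str
    c2: List[Tuple[str, int]] = field(default_factory=list)


def parse_config(text: str) -> DridexConfig:
    """Parse the 'Family / Botnet / C2' key-value layout used in the report."""
    family = botnet = None
    c2: List[Tuple[str, int]] = []
    section = None
    for ln in (ln.strip() for ln in text.splitlines()):
        if not ln:
            continue
        if ln in ("Family", "Botnet", "C2"):
            section = ln
            continue
        if section == "Family":
            family = ln.lower()
        elif section == "Botnet":
            botnet = ln
        elif section == "C2":
            m = C2_RE.match(ln)
            if not m:
                raise ValueError(f"unexpected C2 entry: {ln!r}")
            ip, port = m.group(1), int(m.group(2))
            # Reject private/loopback addresses and bad ports: a bogus entry
            # would turn into a noisy or useless block rule.
            addr = ipaddress.ip_address(ip)
            if addr.is_private or addr.is_loopback or not 1 <= port <= 65535:
                raise ValueError(f"invalid C2 endpoint: {ln!r}")
            c2.append((ip, port))
    if family is None or botnet is None or not c2:
        raise ValueError("incomplete config")
    return DridexConfig(family, botnet, c2)


def suricata_rules(cfg: DridexConfig, base_sid: int = 9000000) -> List[str]:
    """One outbound-connection rule per C2 endpoint (base_sid is an assumed value)."""
    rules = []
    for i, (ip, port) in enumerate(cfg.c2):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{cfg.family.upper()} botnet {cfg.botnet} C2 traffic"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


def blocklist(cfg: DridexConfig) -> List[str]:
    """Plain ip:port list, deduplicated and sorted, for firewall/proxy import."""
    return sorted({f"{ip}:{port}" for ip, port in cfg.c2})


if __name__ == "__main__":
    cfg = parse_config(CONFIG_TEXT)
    print(cfg)
    print("\n".join(suricata_rules(cfg)))
    print("\n".join(blocklist(cfg)))
```

Matching on destination ip:port rather than payload is deliberate: the first endpoint listens on 443 and Dridex C2 traffic is TLS-wrapped, so there is no reliable content to match on, and the extracted endpoints are the stable indicator.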

Targets

    • Target

      d39a6c3dd2152739833df1208ab5424249906fac943c7173c5e5a7b564ba936d

    • Size

      162KB

    • MD5

      4c7a9546b94b23e9892cf0d85f6c98a0

    • SHA1

      fb6e6d874bd585e194598f3d05f793b733c8c64f

    • SHA256

      d39a6c3dd2152739833df1208ab5424249906fac943c7173c5e5a7b564ba936d

    • SHA512

      dcbffb04feb2f4ce253105d51fd4a4515ab1a76471efd8587dfb260bc802344ad85942f57eaf6e6dcf99e59abb06b7f9fd1814dd1f2fd7d2f3475c53aab897c1

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

    • Checks whether UAC is enabled
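
The "Checks whether UAC is enabled" signature names a behaviour without showing how the sandbox matched it. The script below is an added example, not the sandbox's own signature logic: it runs a detection over constructed registry-access events and flags reads of the EnableLUA value under the System policy key, which is where Windows stores the UAC on/off state. The event format and the process IDs are constructed for illustration. It also goes one step beyond the page by separating reads (the reconnaissance the signature describes) from writes to the same value, which would indicate tampering rather than a check.

```python
"""Hunt for the 'Checks whether UAC is enabled' behaviour in registry telemetry.

Added example, not the sandbox's signature. The report only names the
behaviour; EnableLUA under HKLM\\...\\Policies\\System is the standard UAC
state value, and EVENTS is a constructed log in an assumed
"<pid> <operation> <path>" format.
"""
import re
from typing import Dict, List

UAC_VALUE_RE = re.compile(
    r"\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA$",
    re.IGNORECASE,
)
# Registry operations that read the UAC state (assumed operation names).
QUERY_OPS = {"RegQueryValue", "RegQueryValueEx", "NtQueryValueKey"}
# Operations that change it; a match here is tampering, not a check.
WRITE_OPS = {"RegSetValue", "RegSetValueEx", "NtSetValueKey"}

# Constructed sandbox-style events: "<pid> <operation> <path>".
EVENTS = """\
4120 RegOpenKey HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System
4120 RegQueryValue HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA
4120 RegQueryValue HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorAdmin
5008 RegSetValue HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA
5008 RegQueryValue HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater
"""


def parse_event(line: str) -> Dict[str, object]:
    """Split one constructed event line into its three fields."""
    pid, op, path = line.split(" ", 2)
    return {"pid": int(pid), "op": op, "path": path}


def classify_uac_events(log_text: str) -> Dict[str, List[Dict[str, object]]]:
    """Return EnableLUA accesses split into 'query' (UAC check) and 'write' (tampering)."""
    out: Dict[str, List[Dict[str, object]]] = {"query": [], "write": []}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_event(line)
        # Only the exact EnableLUA value counts; sibling values such as
        # ConsentPromptBehaviorAdmin are related but not this signature.
        if not UAC_VALUE_RE.search(str(ev["path"])):
            continue
        if ev["op"] in QUERY_OPS:
            out["query"].append(ev)
        elif ev["op"] in WRITE_OPS:
            out["write"].append(ev)
    return out


if __name__ == "__main__":
    result = classify_uac_events(EVENTS)
    for kind, events in result.items():
        for ev in events:
            print(f"{kind}: pid {ev['pid']} {ev['op']} {ev['path']}")
```

Anchoring the regex on the full value path rather than on the bare string "EnableLUA" avoids matching unrelated keys that happen to share the name, and keeping reads and writes apart matters for triage: a read is common to many legitimate installers, while a write to EnableLUA is almost never benign.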

MITRE ATT&CK Enterprise v6

Tasks