General

  • Target

    37fa856ec21449ca0081a07ef60aea8311f3126dbac4cbee88429d5ce83e3be4

  • Size

    158KB

  • Sample

    210615-t8nskk2pja

  • MD5

    5c56849dbdc24876c422455451a1d564

  • SHA1

    41962ea83d8f4f9f386f9c091aad99d9851184be

  • SHA256

    37fa856ec21449ca0081a07ef60aea8311f3126dbac4cbee88429d5ce83e3be4

  • SHA512

    6d67aa939cf952cbda8dfaa33e34aef2e438613b980a888f5b88fa1c99434e3d0a0f3f0f3923d09e3ec84e46ee8e0b086419a6a804fecd7203b98e8e5ef71428

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain
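The extracted config above (botnet id and three C2 endpoints) plus the file hashes in the General section are the actionable output of this report. The following is an added example, not part of the Triage page or the Dridex sample, showing how an analyst would turn those values into checks: it validates the C2 entries, emits Suricata and iptables rules for them, matches them against outbound connection records, and verifies a file on disk against the published digests. The helper names, the rule format and the connection-log sample are my own constructions; the IOC values are copied from this page.

```python
"""Operationalise the IOCs from the Dridex report above.

Added example; the helper names and constructed log lines are assumptions,
the hash and C2 values are taken verbatim from the report.
"""
import hashlib
import ipaddress
from typing import Dict, List, Tuple

# IOCs copied from the report.
SHA256 = "37fa856ec21449ca0081a07ef60aea8311f3126dbac4cbee88429d5ce83e3be4"
MD5 = "5c56849dbdc24876c422455451a1d564"
BOTNET = "40112"
C2_RAW = ["8.210.53.215:443", "72.249.22.245:2303", "188.40.137.206:8172"]

Endpoint = Tuple[str, int]


def parse_c2(entries: List[str]) -> List[Endpoint]:
    """Validate 'ip:port' strings so malformed or non-routable data never
    becomes a blocking rule (a private address here would blackhole LAN traffic)."""
    out: List[Endpoint] = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in {entry!r}")
        ip = ipaddress.ip_address(host)  # raises ValueError on garbage
        p = int(port)
        if not 1 <= p <= 65535:
            raise ValueError(f"bad port in {entry!r}")
        if ip.is_private or ip.is_loopback or ip.is_multicast:
            raise ValueError(f"refusing to act on non-routable {entry!r}")
        out.append((str(ip), p))
    return out


def suricata_rules(c2: List[Endpoint], botnet: str, base_sid: int = 9000001) -> List[str]:
    """One alert per C2 endpoint; the botnet id is put in the message so an
    alert can be traced back to this particular config."""
    return [
        f'alert tcp $HOME_NET any -> {ip} {port} '
        f'(msg:"Dridex C2 botnet {botnet}"; flow:to_server; sid:{base_sid + i}; rev:1;)'
        for i, (ip, port) in enumerate(c2)
    ]


def iptables_rules(c2: List[Endpoint]) -> List[str]:
    """Egress block per endpoint (port-specific, so unrelated traffic to a
    shared host is left alone)."""
    return [f"iptables -A OUTPUT -p tcp -d {ip} --dport {port} -j REJECT" for ip, port in c2]


# Constructed connection records (not from the report): timestamp src dst dport.
# The last line hits a C2 host on the wrong port and must not match.
SAMPLE_CONNLOG = """\
2021-06-15T10:01:02Z 10.0.0.5 8.210.53.215 443
2021-06-15T10:01:05Z 10.0.0.5 142.250.74.78 443
2021-06-15T10:02:11Z 10.0.0.9 188.40.137.206 8172
2021-06-15T10:02:30Z 10.0.0.9 188.40.137.206 80
"""


def c2_hits(connlog: str, c2: List[Endpoint]) -> List[Tuple[str, str]]:
    """Return (timestamp, source host) for every record whose destination
    ip:port pair is one of the extracted C2 endpoints."""
    wanted = set(c2)
    hits = []
    for line in connlog.splitlines():
        ts, src, dst, dport = line.split()
        if (dst, int(dport)) in wanted:
            hits.append((ts, src))
    return hits


def file_hashes(data: bytes) -> Dict[str, str]:
    """Digests in the same set the report lists, for side-by-side comparison."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True only if the bytes are this exact sample. SHA256 alone is sufficient;
    MD5 is checked too so a report quoting only MD5 can still be cross-checked."""
    h = file_hashes(data)
    return h["sha256"] == SHA256 and h["md5"] == MD5


if __name__ == "__main__":
    c2 = parse_c2(C2_RAW)
    print("\n".join(suricata_rules(c2, BOTNET)))
    print("\n".join(iptables_rules(c2)))
    print("C2 hits:", c2_hits(SAMPLE_CONNLOG, c2))
```

Matching is done on the full ip:port pair rather than the address alone: 8.210.53.215 and 188.40.137.206 are ordinary hosting addresses, and blocking or alerting on the bare IP would also catch unrelated services on them.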

Targets

    • Target

      37fa856ec21449ca0081a07ef60aea8311f3126dbac4cbee88429d5ce83e3be4

    • Size

      158KB

    • MD5

      5c56849dbdc24876c422455451a1d564

    • SHA1

      41962ea83d8f4f9f386f9c091aad99d9851184be

    • SHA256

      37fa856ec21449ca0081a07ef60aea8311f3126dbac4cbee88429d5ce83e3be4

    • SHA512

      6d67aa939cf952cbda8dfaa33e34aef2e438613b980a888f5b88fa1c99434e3d0a0f3f0f3923d09e3ec84e46ee8e0b086419a6a804fecd7203b98e8e5ef71428

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks