General

  • Target

    fbf87da923319499bb1010b631dd73b9df938cb25b7a6580754b1b56787cc297

  • Size

    158KB

  • Sample

    210621-15v31d7rex

  • MD5

    d799016239d0bf4f562532435fb91208

  • SHA1

    8b234cf3262e074d04635ae817503dbc69918598

  • SHA256

    fbf87da923319499bb1010b631dd73b9df938cb25b7a6580754b1b56787cc297

  • SHA512

    ad64dd437c3a7c1e497f021a867046bdfcfac2e57733195ce185a7c95318726438c215b96e13787a0b0b5b279a69c31f2690b06e688ad4f19de3cc94bdcae6fe

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Target

      fbf87da923319499bb1010b631dd73b9df938cb25b7a6580754b1b56787cc297

    • Size

      158KB

    • MD5

      d799016239d0bf4f562532435fb91208

    • SHA1

      8b234cf3262e074d04635ae817503dbc69918598

    • SHA256

      fbf87da923319499bb1010b631dd73b9df938cb25b7a6580754b1b56787cc297

    • SHA512

      ad64dd437c3a7c1e497f021a867046bdfcfac2e57733195ce185a7c95318726438c215b96e13787a0b0b5b279a69c31f2690b06e688ad4f19de3cc94bdcae6fe

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

System Information Discovery

1
T1082

Tasks