General

  • Target

    1b527a1483d2afb6df44a6cf9b0a74f483967dfd8bc296ffc158693c28ff4ee7

  • Size

    162KB

  • Sample

    210621-5mb6y4nc3a

  • MD5

    04a6fa6d79004be852cb446b4c709bf2

  • SHA1

    b037d98c19a893b4a8ed7fe5272f5ef0443fdb85

  • SHA256

    1b527a1483d2afb6df44a6cf9b0a74f483967dfd8bc296ffc158693c28ff4ee7

  • SHA512

    27ae5834e43be759d3b2928a774ec4e9cd23bc1e0d37a43873872f2c01b5c363cc00a25dff41eb6bc6c6b90aa7176b9d559f68266c6f9e1bd3c0984c2630fa8b

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks