General

  • Target

    e57a8644c82d40c6689d2c9ead6f59668508065bbd1b2df92a6501dada922875

  • Size

    158KB

  • Sample

    210621-66mlwpxr3e

  • MD5

    c445c5f2e02e0e4a43a4260c15ae78bc

  • SHA1

    868af75cda878f6f2b05962a61cff7e7fa134595

  • SHA256

    e57a8644c82d40c6689d2c9ead6f59668508065bbd1b2df92a6501dada922875

  • SHA512

    f4d6c987d4c076eac7badecb7b871fbe26b9989c27ee94f2153202cb03cfebaa10a4cde7ca81f7c169262a26ffc2849ed211f9fab0168dcee0fa505225d48998

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
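
The extracted configuration above gives the three C2 endpoints and the botnet ID; the immediate practitioner use of such a config is to turn it into detection content. The block below is an added example and not part of the sandbox report: it copies the C2 list and botnet ID from the Malware Config section, matches them against constructed Zeek-style conn.log lines (the log lines are made up for the demonstration), and emits Suricata rules for each endpoint. The SID range used for the rules is an assumption, not something the report states.

```python
"""Turn the Dridex IOCs from this report into detection content.

Added example, not part of the sandbox report: the C2 endpoints and botnet ID
are copied from the Malware Config section; the Zeek-style conn log lines are
constructed for the demonstration, and the Suricata SID range is an assumption.
"""
import ipaddress
import re

DRIDEX_BOTNET = "40111"

# C2 endpoints extracted by the sandbox, as (ip, port). Dridex uses
# non-standard ports next to 443, so the port is part of the indicator.
DRIDEX_C2 = {
    ("8.210.53.215", 443),
    ("72.249.22.245", 2303),
    ("188.40.137.206", 8172),
}
C2_IPS = {ip for ip, _ in DRIDEX_C2}

# Constructed Zeek conn.log-style lines:
# ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto
CONSTRUCTED_CONN_LOG = [
    "#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto",
    "1624260001.123456 CXa1b2 10.0.0.17 49213 8.210.53.215 443 tcp",
    "1624260002.654321 CXc3d4 10.0.0.17 49214 93.184.216.34 443 tcp",
    "1624260003.000000 CXe5f6 10.0.0.23 51022 72.249.22.245 2303 tcp",
    "1624260004.111111 CXg7h8 10.0.0.23 51023 188.40.137.206 443 tcp",
]

CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<uid>\S+)\s+(?P<src>\S+)\s+(?P<sport>\d+)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\d+)"
)


def match_c2(log_lines):
    """Return (line_no, dst_ip, dst_port, confidence) for each line hitting a C2.

    'high'   = exact ip:port match against the extracted config
    'medium' = destination IP matches but the port differs; operators rotate
               ports, so it is worth triage, but it may be another service on
               a shared host
    """
    hits = []
    for n, line in enumerate(log_lines, 1):
        if line.startswith("#"):  # Zeek header / comment lines
            continue
        m = CONN_RE.match(line)
        if not m:
            continue
        dst, dport = m["dst"], int(m["dport"])
        if (dst, dport) in DRIDEX_C2:
            hits.append((n, dst, dport, "high"))
        elif dst in C2_IPS:
            hits.append((n, dst, dport, "medium"))
    return hits


def suricata_rules(sid_base=9000001):
    """Emit one Suricata rule per C2 endpoint (sid_base is an assumed local range)."""
    rules = []
    # Sort numerically by address so SIDs are assigned deterministically.
    ordered = sorted(DRIDEX_C2, key=lambda e: (ipaddress.ip_address(e[0]), e[1]))
    for i, (ip, port) in enumerate(ordered):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet {DRIDEX_BOTNET} C2 connection to {ip}:{port}"; '
            f'flow:to_server; classtype:trojan-activity; sid:{sid_base + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    for hit in match_c2(CONSTRUCTED_CONN_LOG):
        print("line %d -> %s:%d [%s]" % hit)
    print("\n".join(suricata_rules()))
```

The medium-confidence tier is deliberate: an exact ip:port hit on a port such as 2303 or 8172 is strong evidence on its own, whereas a hit on the bare IP over 443 should be confirmed against the sample hashes or the process that made the connection before an incident is declared.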

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery (1 technique)

      ◦ T1082  System Information Discovery

Tasks