General

  • Target

    a3b82fcd794267542a75ff2cc203dfb2edf89f1ad9f4a6967bfdf7a04b095f8c

  • Size

    162KB

  • Sample

    210621-72semg9816

  • MD5

    856fa74d6c976482ae62b338e049ca14

  • SHA1

    c643ec3768a81659cafe6974860aa4d323229779

  • SHA256

    a3b82fcd794267542a75ff2cc203dfb2edf89f1ad9f4a6967bfdf7a04b095f8c

  • SHA512

    7f9db5766ab768b8613ad5812a23e32342b820abd8e65395ab4d522003b272def97bb0b356f11367ec0b002261cadd8b9a1ea233b8342bf3a3eb18d82a8438e9

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      a3b82fcd794267542a75ff2cc203dfb2edf89f1ad9f4a6967bfdf7a04b095f8c

    • Size

      162KB

    • MD5

      856fa74d6c976482ae62b338e049ca14

    • SHA1

      c643ec3768a81659cafe6974860aa4d323229779

    • SHA256

      a3b82fcd794267542a75ff2cc203dfb2edf89f1ad9f4a6967bfdf7a04b095f8c

    • SHA512

      7f9db5766ab768b8613ad5812a23e32342b820abd8e65395ab4d522003b272def97bb0b356f11367ec0b002261cadd8b9a1ea233b8342bf3a3eb18d82a8438e9

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks