General

  • Target

    7547ea6f14be49a2ddf1f03509abd6826a5b122cea97a41abbd8da07279a7939

  • Size

    158KB

  • Sample

    210621-klxgtv9q9x

  • MD5

    7303313870d92ee092d6fd9cf18f219b

  • SHA1

    d78d764829479e21e7decca0483e0b950813edc2

  • SHA256

    7547ea6f14be49a2ddf1f03509abd6826a5b122cea97a41abbd8da07279a7939

  • SHA512

    838123efa0073528451689c1cae5c1feee08dcd9e69c1c100e6162960622cdd5339cd3cba3968c87242e9cd3a3cae20730473ab0b8b053dbe04610f27771a418

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

System Information Discovery

T1082 (1)

Tasks