General

  • Target

    93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

  • Size

    158KB

  • Sample

    210621-xgjq6sx7ca

  • MD5

    45ea2cfabfdbb0b4a810f52051e89775

  • SHA1

    f3884a86860c086fb440634ddc549bead573b375

  • SHA256

    93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

  • SHA512

    30533cf2d887204e4a6ca727a9312fac6457214d398e7ece396af9de63e14c7c503042d8efcb6c0440189edbff677de84372538a336b6d1254bd814ee5380487

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain

Targets

    • Target

      93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

    • Size

      158KB

    • MD5

      45ea2cfabfdbb0b4a810f52051e89775

    • SHA1

      f3884a86860c086fb440634ddc549bead573b375

    • SHA256

      93df9bc210aa20c885cf5899bcb205f9cd36d310acfec1dc55c8c7c2dc23ef04

    • SHA512

      30533cf2d887204e4a6ca727a9312fac6457214d398e7ece396af9de63e14c7c503042d8efcb6c0440189edbff677de84372538a336b6d1254bd814ee5380487

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks