General

  • Target

    d5341974558a07627a6efe6d7572d206af62e341888b5b0257cdc0681fa410b0

  • Size

    158KB

  • Sample

    210621-z236lfm6ye

  • MD5

    d0451d6e1a4952a67f07b160eca14bb1

  • SHA1

    e135f952276817d4934c53b8daea4b0dd01f8733

  • SHA256

    d5341974558a07627a6efe6d7572d206af62e341888b5b0257cdc0681fa410b0

  • SHA512

    7bb198ea9ada0bb9cd66299e2f298974aa22a242e4e1aafc4c1a5687f441457bea059c23fe32dd45dbec1bad118feb64b2d9059b92bfe19187d7f569e785d4d2

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks