General

  • Target

    0ae4d4806d68546ba60c5d4c316340ab18bdf5356638934ec9701d219199264c

  • Size

    162KB

  • Sample

    210622-19x5dp5l5x

  • MD5

    15104bc3c9732e1cdb06c26c219d0713

  • SHA1

    1b17a442e85ec76d58abec283875f97b0b2e57f1

  • SHA256

    0ae4d4806d68546ba60c5d4c316340ab18bdf5356638934ec9701d219199264c

  • SHA512

    bce220846d947fabf548d878de92bdf59c345073ac20ffdce6470a18b74f34b9cebc30890f5d02618659603c6d226c000b291946471a39462d1535edd3db9537

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks