General

  • Target

    230bcb92345d259b8fa46a9266c26efc96a35d694c8bb5757fb62374478c247a

  • Size

    162KB

  • Sample

    210622-628ea29z8a

  • MD5

    439733e93400d19db76e3a144e4abaf1

  • SHA1

    29ffbb8c83b447d341fcf020b2ba2a69abf0bed7

  • SHA256

    230bcb92345d259b8fa46a9266c26efc96a35d694c8bb5757fb62374478c247a

  • SHA512

    f3fa2b4bd11ba224f988bf9511bcea1bdd31f759496682b98b9f99e40dd56e7126a46b45ce2a0f7fe3d73011c569c476cc3ce7d8aba0fea0ee145865fc13484f

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      230bcb92345d259b8fa46a9266c26efc96a35d694c8bb5757fb62374478c247a

    • Size

      162KB

    • MD5

      439733e93400d19db76e3a144e4abaf1

    • SHA1

      29ffbb8c83b447d341fcf020b2ba2a69abf0bed7

    • SHA256

      230bcb92345d259b8fa46a9266c26efc96a35d694c8bb5757fb62374478c247a

    • SHA512

      f3fa2b4bd11ba224f988bf9511bcea1bdd31f759496682b98b9f99e40dd56e7126a46b45ce2a0f7fe3d73011c569c476cc3ce7d8aba0fea0ee145865fc13484f

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks