General

  • Target

    ac2360defb39ef2bcd91959ecce3d4848763bfef72a97cbdd0ec8380d5b41490

  • Size

    158KB

  • Sample

    210622-8fafhs7f5s

  • MD5

    942f848916da1ca35245de8902a90535

  • SHA1

    df674bed94bdc6e99c2fe22797d4bfc5ca067172

  • SHA256

    ac2360defb39ef2bcd91959ecce3d4848763bfef72a97cbdd0ec8380d5b41490

  • SHA512

    ca415f48acb4b13651fef9b1813587e61aa4c1a21c567e457af6662d0ad41797467a6ae110273ef68cf718bf808f6410ab157a940e93785c35d9e8f23528e4a6

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks