General

  • Target

    f0e239b0043eed17376ead3ba5c1cb1d1f2b5ac231036049d9a4c7ffae1753c7

  • Size

    158KB

  • Sample

    210622-9jtlgwybw6

  • MD5

    b5fb32dce5a7e555f62d42bc11df523f

  • SHA1

    5843160b9d8ab9ae349d71c457f51820ce18b340

  • SHA256

    f0e239b0043eed17376ead3ba5c1cb1d1f2b5ac231036049d9a4c7ffae1753c7

  • SHA512

    fcf6190ea18699b4186f943f022d82914f717888f319f7eb503f8548c1874f4d12098ed678211efe597e3ffd4c934a60cd5eecd136accc82784d391e019c2200

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain

Targets

    • Target

      f0e239b0043eed17376ead3ba5c1cb1d1f2b5ac231036049d9a4c7ffae1753c7

    • Size

      158KB

    • MD5

      b5fb32dce5a7e555f62d42bc11df523f

    • SHA1

      5843160b9d8ab9ae349d71c457f51820ce18b340

    • SHA256

      f0e239b0043eed17376ead3ba5c1cb1d1f2b5ac231036049d9a4c7ffae1753c7

    • SHA512

      fcf6190ea18699b4186f943f022d82914f717888f319f7eb503f8548c1874f4d12098ed678211efe597e3ffd4c934a60cd5eecd136accc82784d391e019c2200

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks