General

  • Target

    f9eaeb6cfd53a0a5494eb3e8caf0f091d265eb5e29b1cfb0296238e2a55a52ea

  • Size

    162KB

  • Sample

    210622-d3vyy664va

  • MD5

    64be65b424aa9dad2de01f075fdfeaa2

  • SHA1

    3b1d1fe4e63d0f73d10f365b19c50fa51fed136e

  • SHA256

    f9eaeb6cfd53a0a5494eb3e8caf0f091d265eb5e29b1cfb0296238e2a55a52ea

  • SHA512

    6bd8daed26891f6f455a99b8af13b3b030dba9293cc23a62bda8fb3a9f9236b2ff89dd3579104eec540cfc22542a9b2ebeff7dce5336c60e3836fa0bd46188c8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain

Targets

    • Target

      f9eaeb6cfd53a0a5494eb3e8caf0f091d265eb5e29b1cfb0296238e2a55a52ea

    • Size

      162KB

    • MD5

      64be65b424aa9dad2de01f075fdfeaa2

    • SHA1

      3b1d1fe4e63d0f73d10f365b19c50fa51fed136e

    • SHA256

      f9eaeb6cfd53a0a5494eb3e8caf0f091d265eb5e29b1cfb0296238e2a55a52ea

    • SHA512

      6bd8daed26891f6f455a99b8af13b3b030dba9293cc23a62bda8fb3a9f9236b2ff89dd3579104eec540cfc22542a9b2ebeff7dce5336c60e3836fa0bd46188c8

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks