General

  • Target

    2b034a88cbc27ad278209e7a7dcd5000983b5a19aa48785d511a99f428eab459

  • Size

    162KB

  • Sample

    210622-gnvaaxkmc2

  • MD5

    bea621ea31a29768afb44e30aeb59402

  • SHA1

    82b3f716e42e49a3112050cc2674f636144c8e99

  • SHA256

    2b034a88cbc27ad278209e7a7dcd5000983b5a19aa48785d511a99f428eab459

  • SHA512

    f10e4b4b247db5fd2375e9eb263afffcdf2510e755eefaff315f05800c1558d5bf190fbbbf774eb9dfab703ec88264d903a46f5ca8a9e837e5478b87bd4551ed

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    107.172.227.10:443

    172.93.133.123:2303

    108.168.61.147:8172

  • rc4.plain

  • rc4.plain

Targets

    • Target

      2b034a88cbc27ad278209e7a7dcd5000983b5a19aa48785d511a99f428eab459

    • Size

      162KB

    • MD5

      bea621ea31a29768afb44e30aeb59402

    • SHA1

      82b3f716e42e49a3112050cc2674f636144c8e99

    • SHA256

      2b034a88cbc27ad278209e7a7dcd5000983b5a19aa48785d511a99f428eab459

    • SHA512

      f10e4b4b247db5fd2375e9eb263afffcdf2510e755eefaff315f05800c1558d5bf190fbbbf774eb9dfab703ec88264d903a46f5ca8a9e837e5478b87bd4551ed

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks