General

  • Target

    e93c460c865705911342a275d058332518d2ff576a241a9a5abd12861886467f

  • Size

    162KB

  • Sample

    210622-j8nms2nqw2

  • MD5

    2d159455f375a47d205b9da4d896a479

  • SHA1

    2028393baeed092826c728ff75df77809420c269

  • SHA256

    e93c460c865705911342a275d058332518d2ff576a241a9a5abd12861886467f

  • SHA512

    53c661a6f8d7266335a19146002c27798a6f4de5fc883c0237bf103c0347e26307deb5a93fb4c65da5c777bcf2767edadda94f98429313eea640bd7f90fdc3fa

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks