General

  • Target

    aeaf0e8738e836bc4566533d060bcb68dd90c60b84ae83a479f0d8e37b11e09b

  • Size

    158KB

  • Sample

    210622-lvt8j8z4pe

  • MD5

    3919183589847c1655b56a966e31e994

  • SHA1

    38fcac3cc7cad9a2504c169b58cfb73621d24b1a

  • SHA256

    aeaf0e8738e836bc4566533d060bcb68dd90c60b84ae83a479f0d8e37b11e09b

  • SHA512

    848db2ed6f529ebf3c48514960b59635c2ae543d01897d07c7a501de01f7024089b3bfbc6280f0f370b992f0fc436f92682107a2be1f94cbc81fd9c53035e7e2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain

Targets

    • Target

      aeaf0e8738e836bc4566533d060bcb68dd90c60b84ae83a479f0d8e37b11e09b

    • Size

      158KB

    • MD5

      3919183589847c1655b56a966e31e994

    • SHA1

      38fcac3cc7cad9a2504c169b58cfb73621d24b1a

    • SHA256

      aeaf0e8738e836bc4566533d060bcb68dd90c60b84ae83a479f0d8e37b11e09b

    • SHA512

      848db2ed6f529ebf3c48514960b59635c2ae543d01897d07c7a501de01f7024089b3bfbc6280f0f370b992f0fc436f92682107a2be1f94cbc81fd9c53035e7e2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks