General

  • Target

    6e472e4bd35cfcbd3edc71213c2dae5569a5cef8d813d3f0fd9d06acfa115975

  • Size

    162KB

  • Sample

    210622-myxf1f9naa

  • MD5

    4b6e762a7a8dedd38069e4f9a6b201c1

  • SHA1

    6e9b29aaa798e0608dc7f63b2d690523c776b642

  • SHA256

    6e472e4bd35cfcbd3edc71213c2dae5569a5cef8d813d3f0fd9d06acfa115975

  • SHA512

    1ffc930cc3fa48690aa1caf453dc829c2d12877335eaf9884b32de4680f65c50ae9f109ddecf0dcec3620d566567b19a6f57375584970108efbb18a41c23f924

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
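The hashes and C2 endpoints above are the actionable part of this report. As an added example (not part of the sandbox output or of any Dridex tooling), the script below turns them into a check a responder can run: it hashes a local file against the listed digests and scans network log lines for connections to the configured C2 addresses. The key=value log format, the `scan_log`/`is_reported_sample` function names and the sample lines are all constructed for illustration.

```python
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "4b6e762a7a8dedd38069e4f9a6b201c1",
    "sha1": "6e9b29aaa798e0608dc7f63b2d690523c776b642",
    "sha256": "6e472e4bd35cfcbd3edc71213c2dae5569a5cef8d813d3f0fd9d06acfa115975",
}
C2_ENDPOINTS = {
    ("107.172.227.10", 443),
    ("172.93.133.123", 2303),
    ("108.168.61.147", 8172),
}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}

# Constructed firewall-style log lines (hypothetical, not from the report).
SAMPLE_LOG = """\
2021-06-22T14:03:11Z src=10.0.0.15:51234 dst=107.172.227.10:443 proto=tcp action=allow
2021-06-22T14:03:12Z src=10.0.0.15:51235 dst=93.184.216.34:443 proto=tcp action=allow
2021-06-22T14:03:40Z src=10.0.0.22:49160 dst=172.93.133.123:8080 proto=tcp action=allow
2021-06-22T14:04:02Z src=10.0.0.15:51240 dst=108.168.61.147:8172 proto=tcp action=deny
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<src>[\d.]+):\d+\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)"
)


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    confidence: str  # "exact" = ip:port from the config, "ip-only" = same host, other port


def scan_log(text: str) -> list[Hit]:
    """Return one Hit per log line whose destination matches a configured C2.

    A denied connection is still reported: the attempt itself shows the
    source host is trying to reach the botnet.
    """
    hits: list[Hit] = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        dst, dport = m["dst"], int(m["dport"])
        if (dst, dport) in C2_ENDPOINTS:
            conf = "exact"
        elif dst in C2_IPS:
            # Same address on a different port: worth reviewing, but weaker
            # evidence than an exact ip:port match from the extracted config.
            conf = "ip-only"
        else:
            continue
        hits.append(Hit(m["ts"], m["src"], dst, dport, conf))
    return hits


def file_digests(data: bytes) -> dict[str, str]:
    """Compute the digests the report lists so a local file can be compared."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def is_reported_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the corresponding hash in the report."""
    d = file_digests(data)
    return any(d[alg] == value for alg, value in SAMPLE_HASHES.items())


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"{h.ts} {h.src} -> {h.dst}:{h.dport} [{h.confidence}]")
    print("known sample:", is_reported_sample(b"placeholder bytes"))
```

Matching on SHA256 is the reliable file check; the MD5 and SHA1 values are kept only because some tooling still indexes by them. The ip-only tier exists because the extracted config ties each address to one port, but an operator can move the listener, so an exact miss on port should lower confidence rather than suppress the alert.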

Targets

    • Target

      6e472e4bd35cfcbd3edc71213c2dae5569a5cef8d813d3f0fd9d06acfa115975

    • Size

      162KB

    • MD5

      4b6e762a7a8dedd38069e4f9a6b201c1

    • SHA1

      6e9b29aaa798e0608dc7f63b2d690523c776b642

    • SHA256

      6e472e4bd35cfcbd3edc71213c2dae5569a5cef8d813d3f0fd9d06acfa115975

    • SHA512

      1ffc930cc3fa48690aa1caf453dc829c2d12877335eaf9884b32de4680f65c50ae9f109ddecf0dcec3620d566567b19a6f57375584970108efbb18a41c23f924

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks