General

  • Target

    7ae7efceb57a31d1e97f5f59e333c283c43c1ab3eccb1b24ca4ac59559e031fd

  • Size

    162KB

  • Sample

    210622-rjz3b384ax

  • MD5

    69832051d6dd7a6fe9d8f9a0b573f93b

  • SHA1

    5d2f66fce5992e490c48796530ca59ec98db1536

  • SHA256

    7ae7efceb57a31d1e97f5f59e333c283c43c1ab3eccb1b24ca4ac59559e031fd

  • SHA512

    b350c65341b79892b7a939dd3533a0b7cb61bf617e1128b4858f72ea4162686bf08d799ecea64e8efc923bec933951c541960e430f95650b8fbfb4d64fda60a8

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
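The Malware Config block above is the actionable part of this report: a family name, a botnet ID and three C2 endpoints. The script below is an added example, not part of the sandbox report or of any vendor tooling; it parses that block as it appears on the page, sanity-checks each C2 entry, drops anything non-routable before it reaches a blocklist, and emits one Suricata alert rule per endpoint. The Suricata rule layout, the SID base and the helper names are my own assumptions. It also carries a small hash check so that the bytes you detonate can be confirmed against the digests in the General section before any further work.

```python
"""Turn a sandbox-extracted Dridex config into detection content.

Added example, not code from the sandbox report. The family, botnet ID and
C2 list in REPORT_CONFIG are copied from the report; the Suricata rule
format, SID base and function names are assumptions made here.
"""
import hashlib
import ipaddress
import re

# Constructed from the Malware Config section of the report (same text, same order).
REPORT_CONFIG = """\
Family
dridex
Botnet
40112
C2
107.172.227.10:443
172.93.133.123:2303
108.168.61.147:8172
rc4.plain
rc4.plain
"""

ENDPOINT_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


def parse_config(text: str) -> dict:
    """Parse the key/value listing into {'family', 'botnet', 'c2': [(ip, port), ...]}.

    Section labels (Family, Botnet, C2, rc4.*) switch the current key; every other
    line is a value for that key. rc4.* lines carry no value on the page, so they
    are recognised and skipped rather than mis-read as C2 entries.
    """
    cfg = {"family": None, "botnet": None, "c2": []}
    key = None
    for ln in (s.strip() for s in text.splitlines() if s.strip()):
        if ln in ("Family", "Botnet", "C2") or ln.startswith("rc4."):
            key = ln
            continue
        if key == "Family":
            cfg["family"] = ln.lower()
        elif key == "Botnet":
            cfg["botnet"] = int(ln)
        elif key == "C2":
            m = ENDPOINT_RE.match(ln)
            if not m:
                raise ValueError(f"unexpected C2 entry: {ln!r}")
            ip = ipaddress.ip_address(m.group(1))   # raises on malformed octets
            port = int(m.group(2))
            if not 1 <= port <= 65535:
                raise ValueError(f"port out of range in C2 entry: {ln!r}")
            cfg["c2"].append((str(ip), port))
    return cfg


def routable_c2(cfg: dict) -> list:
    """Keep only globally routable addresses.

    Extracted configs occasionally contain loopback, RFC1918 or reserved
    placeholders; pushing those into a blocklist causes self-inflicted outages.
    """
    return [(ip, port) for ip, port in cfg["c2"] if ipaddress.ip_address(ip).is_global]


def suricata_rules(cfg: dict, base_sid: int = 9_000_000) -> list:
    """One alert rule per C2 endpoint. base_sid is an assumption; use your local SID range."""
    rules = []
    for i, (ip, port) in enumerate(routable_c2(cfg)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{cfg["family"]} botnet {cfg["botnet"]} C2 contact"; '
            f'flow:to_server; classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


def sample_matches(data: bytes, expected: dict) -> bool:
    """True when every digest in expected ({'md5': hex, 'sha256': hex, ...}) matches data."""
    return all(hashlib.new(name, data).hexdigest() == digest.lower()
               for name, digest in expected.items())


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    for rule in suricata_rules(cfg):
        print(rule)
```

Feed `sample_matches` the file you actually have together with the MD5/SHA1/SHA256/SHA512 values from the General section; a mismatch means you are looking at a different build than the one whose config was extracted, and the C2 list above may not apply to it.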

Targets

    • Target

      7ae7efceb57a31d1e97f5f59e333c283c43c1ab3eccb1b24ca4ac59559e031fd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, in both its x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

      Typically done by reading the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System; a value of 0 means UAC is off and no elevation prompt will be shown.

MITRE ATT&CK Enterprise v6

Tasks