General

  • Target

    268909222803910573eac597567363112ad79305a94fe1e2f6b46a31cd533cfc

  • Size

    162KB

  • Sample

    210622-t4dfk2tapn

  • MD5

    e3afa00a36df3ccdce6574b8b67d13a8

  • SHA1

    48730beeb6273182b828b0db821ef8c9be5ef799

  • SHA256

    268909222803910573eac597567363112ad79305a94fe1e2f6b46a31cd533cfc

  • SHA512

    ecf95803d54e7df8ec2839f46d0b632bf1a7a1e6b2b5f02ee474692a814b009119b0771705eec70fb2034ac9d437fb18be60f8aae65853f141bbb883eafdd2ef

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      268909222803910573eac597567363112ad79305a94fe1e2f6b46a31cd533cfc

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks