General

  • Target

    e4c7d9a48ceb3ca711476f33dd80bd9db83df79772e45774c20b3e79aab5a078

  • Size

    162KB

  • Sample

    210622-v8bsn5g5vx

  • MD5

    5c48ed03b957ff332d612ced444e9072

  • SHA1

    d7de16b26f552a76d2702436871b88eac0ef1038

  • SHA256

    e4c7d9a48ceb3ca711476f33dd80bd9db83df79772e45774c20b3e79aab5a078

  • SHA512

    fccbed790f37c1ab07e682c98870161ef2ff91ed85712a58c762ebda9a4adbe1393e23a062c652bac1c55710478486be3e5986cce6a2b2fe646341a775fb7529

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      e4c7d9a48ceb3ca711476f33dd80bd9db83df79772e45774c20b3e79aab5a078

    • Size

      162KB

    • MD5

      5c48ed03b957ff332d612ced444e9072

    • SHA1

      d7de16b26f552a76d2702436871b88eac0ef1038

    • SHA256

      e4c7d9a48ceb3ca711476f33dd80bd9db83df79772e45774c20b3e79aab5a078

    • SHA512

      fccbed790f37c1ab07e682c98870161ef2ff91ed85712a58c762ebda9a4adbe1393e23a062c652bac1c55710478486be3e5986cce6a2b2fe646341a775fb7529

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks