General

  • Target

    8088724714714bf585560f33c78ac98f43e0af52b3e76ed2976934570eddb1c5

  • Size

    162KB

  • Sample

    210623-2gyrkcjf2s

  • MD5

    4a40b531035e20ee518aea63d934c7d4

  • SHA1

    c1694bb784c1fc86afd745ad383073d5bc8f95f6

  • SHA256

    8088724714714bf585560f33c78ac98f43e0af52b3e76ed2976934570eddb1c5

  • SHA512

    69b2dda9b86e896532df9a9918febccf0681b2dcad3edf4f0a78130ef6ca840c4cdfcb3eba1b0f9d2de90aeb86f625f3da783c962381d5b856d9fd4312c6a466

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      8088724714714bf585560f33c78ac98f43e0af52b3e76ed2976934570eddb1c5

    • Size

      162KB

    • MD5

      4a40b531035e20ee518aea63d934c7d4

    • SHA1

      c1694bb784c1fc86afd745ad383073d5bc8f95f6

    • SHA256

      8088724714714bf585560f33c78ac98f43e0af52b3e76ed2976934570eddb1c5

    • SHA512

      69b2dda9b86e896532df9a9918febccf0681b2dcad3edf4f0a78130ef6ca840c4cdfcb3eba1b0f9d2de90aeb86f625f3da783c962381d5b856d9fd4312c6a466

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks