General

  • Target

    d91ed287752a7b3f976d016473e494ebf965605e4b1ae610e40160c24f0dde4f

  • Size

    158KB

  • Sample

    210623-mkm3jc2frj

  • MD5

    0696c0b3e311c3914268a48fd1d3b1c2

  • SHA1

    4d659475c10562f8107d9ae9288cc00c280db16d

  • SHA256

    d91ed287752a7b3f976d016473e494ebf965605e4b1ae610e40160c24f0dde4f

  • SHA512

    531aa5d176e0f7a468ba12d623f6acaaf74f0666ad5bd5a0312655e0c43903de6e8e4eb46191704234606a6f5dc3ac0772b43fcf50729d03b9146de69d6aa89e

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled
