General

  • Target

    c8aeb377e20c2800f4f6ba551feb057948f8e76638334c7c5cf7813fa9017767

  • Size

    162KB

  • Sample

    210623-s3rp96ha82

  • MD5

    9cae4dd117d94b627fccc2c09adfd61b

  • SHA1

    8e93d2376d393722bc36a123739051f759954652

  • SHA256

    c8aeb377e20c2800f4f6ba551feb057948f8e76638334c7c5cf7813fa9017767

  • SHA512

    0097d8de8307a839fbc24fb9fea0d5e6e86073653b434333e9d71fb15bcf69e79399853152681f2eb25d65f6ac781bed06ea43129720bdbd30f7e71bf272de52

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      c8aeb377e20c2800f4f6ba551feb057948f8e76638334c7c5cf7813fa9017767

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks