General

  • Target

    082ca8f8177174553ccbee2dc3db353e374c5bd0f686d0748a04223439cc4e06

  • Size

    158KB

  • Sample

    210623-z3l65aejts

  • MD5

    1ee290724a2edc1fb618fae10e3b9414

  • SHA1

    e441f792de8e730db99cb25c0b313e8b8def8e14

  • SHA256

    082ca8f8177174553ccbee2dc3db353e374c5bd0f686d0748a04223439cc4e06

  • SHA512

    f91260f016b0746b6335ffb8ca4e55c323396e2a733ff3d3a834dc40a985ae289ce8291b3ce3ba30c8e503c7d74ac2a48d399d90cfdb55639e18f91fb83a965b

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
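
The extracted config above is most useful once it is turned into something that runs against traffic logs. The following is an added example and is not part of the sandbox report: it takes the three C2 endpoints and the botnet ID exactly as extracted, emits one Suricata rule per endpoint, and matches the endpoints against a handful of constructed connection-log lines. The log layout (space-separated timestamp, source IP, destination IP:port) and the sid range are assumptions made for the example; a practitioner would substitute their own proxy or NetFlow format.

```python
"""Turn the extracted Dridex config (botnet 40112) into IOC checks.

Added example, not part of the sandbox report. The C2 endpoints and the
botnet ID are taken from the report above; the log lines further down are
constructed, and the log format ("ts src dst:port") is an assumption.
"""
import ipaddress

# Values as extracted in the report.
DRIDEX_BOTNET = "40112"
DRIDEX_C2 = [
    ("8.210.53.215", 443),
    ("72.249.22.245", 2303),
    ("188.40.137.206", 8172),
]


def suricata_rules(c2, botnet, base_sid=9000001):
    """Emit one Suricata alert rule per C2 endpoint.

    Rule syntax is standard Suricata; the sid range is an assumption and
    should be moved into whatever range the local ruleset reserves.
    """
    rules = []
    for i, (ip, port) in enumerate(c2):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {botnet} C2 {ip}:{port}"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


def match_c2_connections(log_lines, c2):
    """Return (exact, ip_only) hits over the log lines.

    exact   : (line_no, ip, port) where both IP and port match a C2 entry.
    ip_only : (line_no, ip, port) where only the IP matches, so an analyst
              still sees known C2 infrastructure being reused on another port.
    Malformed lines are skipped rather than raising, since real logs have them.
    """
    wanted = {(ip, port) for ip, port in c2}
    ips = {ip for ip, _ in c2}
    exact, ip_only = [], []
    for n, line in enumerate(log_lines, 1):
        parts = line.split()
        if len(parts) < 3:
            continue
        host, _, port_s = parts[2].rpartition(":")
        try:
            ipaddress.ip_address(host)
            port = int(port_s)
        except ValueError:
            continue
        if (host, port) in wanted:
            exact.append((n, host, port))
        elif host in ips:
            ip_only.append((n, host, port))
    return exact, ip_only


# Constructed sample log: timestamp, source IP, destination IP:port.
SAMPLE_LOG = [
    "2021-06-23T10:01:02Z 10.0.0.15 93.184.216.34:443",
    "2021-06-23T10:01:05Z 10.0.0.15 8.210.53.215:443",
    "2021-06-23T10:01:09Z 10.0.0.15 72.249.22.245:2303",
    "2021-06-23T10:01:12Z 10.0.0.15 188.40.137.206:443",
    "garbage line",
]

if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_C2, DRIDEX_BOTNET):
        print(rule)
    hits, partial = match_c2_connections(SAMPLE_LOG, DRIDEX_C2)
    print("exact C2 hits:", hits)
    print("C2 IP seen on a different port:", partial)
```

Matching on IP alone is deliberately reported separately: Dridex C2 nodes rotate ports between configs, so an IP-only hit is worth a look even though it should not fire the high-confidence rule.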

Targets

    • Target

      082ca8f8177174553ccbee2dc3db353e374c5bd0f686d0748a04223439cc4e06

    • Size

      158KB

    • MD5

      1ee290724a2edc1fb618fae10e3b9414

    • SHA1

      e441f792de8e730db99cb25c0b313e8b8def8e14

    • SHA256

      082ca8f8177174553ccbee2dc3db353e374c5bd0f686d0748a04223439cc4e06

    • SHA512

      f91260f016b0746b6335ffb8ca4e55c323396e2a733ff3d3a834dc40a985ae289ce8291b3ce3ba30c8e503c7d74ac2a48d399d90cfdb55639e18f91fb83a965b

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks