General

  • Target

    078123cb9d64ad3a741365fffbad9ed6dd16d5605fbe673bee4ca64af1127c56

  • Size

    158KB

  • Sample

    210624-xhx8mmvfsj

  • MD5

    c7ab3995901a7055ae2598e3862f8149

  • SHA1

    20737f447f43eb1cd099391a64b0eb9cae7a6112

  • SHA256

    078123cb9d64ad3a741365fffbad9ed6dd16d5605fbe673bee4ca64af1127c56

  • SHA512

    2a67eb5d89cd9bd5ff3b4febe008e566ef11e8fc44e92d0736b66acc216d33c770443d854217525b33efdd4cb0418305400419484699a73288e7bb7159b6b2ce

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain
rc4.plain

Targets

    • Target

      078123cb9d64ad3a741365fffbad9ed6dd16d5605fbe673bee4ca64af1127c56

    • Size

      158KB

    • MD5

      c7ab3995901a7055ae2598e3862f8149

    • SHA1

      20737f447f43eb1cd099391a64b0eb9cae7a6112

    • SHA256

      078123cb9d64ad3a741365fffbad9ed6dd16d5605fbe673bee4ca64af1127c56

    • SHA512

      2a67eb5d89cd9bd5ff3b4febe008e566ef11e8fc44e92d0736b66acc216d33c770443d854217525b33efdd4cb0418305400419484699a73288e7bb7159b6b2ce

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks