General

  • Target

    dee1c6623d8a22762ce921fea73e2175f762a8c20e27de89b1d5ee478c1f3708

  • Size

    158KB

  • Sample

    210628-3g71rlbbfx

  • MD5

    c108cce70b076f87c5ca871fd79d7df6

  • SHA1

    5107b9f00e3d05c7b6f95bde9967ef8c54e16d28

  • SHA256

    dee1c6623d8a22762ce921fea73e2175f762a8c20e27de89b1d5ee478c1f3708

  • SHA512

    ea240c47ab9c21abda438b16f65ffb2fcefa08d1b4292a50bc1f2d0c0cf6e19c89cef66762dde0ebb5798d3bb8708dd3a8ffde32fbcc786717f07ddf6729f1f9

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks