General

  • Target

    bedff7e6746849b6e5fb0ea7bcde146af3dc79346cb029b02186a50bae7ac06d

  • Size

    162KB

  • Sample

    210628-dkssrjvl6e

  • MD5

    046c49f5a3e504be961359c601e9dc19

  • SHA1

    866943b18c25c46f939ac4e7faa1c058c1759773

  • SHA256

    bedff7e6746849b6e5fb0ea7bcde146af3dc79346cb029b02186a50bae7ac06d

  • SHA512

    58b42cc1f1911658cb3ed6840df4c6b950a5e35023ff8cba9ee6acf65c82aee325e69bcce39f2a0bd32d602d7b22ac6080b5384ee6ca36348123b228cdc9dcdd

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
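The "rc4.plain" entries above refer to the RC4 key material under which the Dridex loader keeps its embedded configuration; an extractor recovers the key, decrypts the blob, and reads the botnet ID and C2 list out of it. The following is an added example (not code from the sandbox report or from any Dridex extractor) that rebuilds such a config from the values this report lists, encrypts it under a constructed key, and then decrypts and parses it. The byte layout used here (big-endian uint16 botnet ID, uint8 entry count, then 4-byte IPv4 plus big-endian uint16 port per C2) is the layout commonly described in public Dridex loader analyses and is an assumption for the demonstration; the key `DEMO_RC4_KEY` is constructed and is not the sample's key.

```python
"""
Added example (not from the sandbox report): rebuild a Dridex-style loader
configuration blob, RC4-encrypt it under a constructed key, then decrypt and
parse it the way a config extractor would.

Assumed decrypted layout (commonly described for the Dridex loader; treated
here as an assumption, not a fact established by this report):

    uint16 BE  botnet_id
    uint8      c2_count
    c2_count * { uint8[4] ipv4, uint16 BE port }
"""
import ipaddress
import struct

# Values taken from the report's "Extracted" section.
REPORT_BOTNET_ID = 40112
REPORT_C2 = [
    ("107.172.227.10", 443),
    ("172.93.133.123", 2303),
    ("108.168.61.147", 8172),
]

# Constructed key for the demonstration; the report's "rc4.plain" field
# is where the sample's real key would be shown.
DEMO_RC4_KEY = b"example-rc4-key-not-from-sample"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def build_config(botnet_id: int, c2s) -> bytes:
    """Serialise a config in the assumed layout (used only to fabricate input)."""
    blob = struct.pack(">HB", botnet_id, len(c2s))
    for ip, port in c2s:
        blob += ipaddress.IPv4Address(ip).packed + struct.pack(">H", port)
    return blob


def parse_config(blob: bytes) -> dict:
    """Parse a decrypted config; raise ValueError on a truncated or implausible blob."""
    if len(blob) < 3:
        raise ValueError("config too short for header")
    botnet_id, count = struct.unpack_from(">HB", blob, 0)
    need = 3 + count * 6
    if len(blob) < need:
        raise ValueError(f"{count} C2 entries declared but only {len(blob)} bytes present")
    c2s = []
    off = 3
    for _ in range(count):
        ip = str(ipaddress.IPv4Address(blob[off:off + 4]))
        port = struct.unpack_from(">H", blob, off + 4)[0]
        if port == 0:
            # A zero port is a cheap sanity check that the key or offset was wrong.
            raise ValueError("port 0 in C2 list: wrong key or wrong offset")
        c2s.append((ip, port))
        off += 6
    return {"family": "dridex", "botnet": botnet_id, "c2": c2s}


def extract(encrypted: bytes, key: bytes) -> dict:
    """Decrypt with a candidate key and parse the result."""
    return parse_config(rc4(key, encrypted))


def iocs(config: dict) -> list:
    """Flatten the C2 list into host:port strings, as the report prints them."""
    return [f"{ip}:{port}" for ip, port in config["c2"]]


if __name__ == "__main__":
    encrypted = rc4(DEMO_RC4_KEY, build_config(REPORT_BOTNET_ID, REPORT_C2))
    cfg = extract(encrypted, DEMO_RC4_KEY)
    print(cfg["botnet"], iocs(cfg))
```

Because RC4 is a stream cipher, a wrong key yields byte noise rather than an error, so `parse_config` only trusts a decryption that produces a plausible entry count, enough bytes for that count, and non-zero ports; on a real sample those checks are what let an extractor confirm it has the right key before emitting C2 addresses as indicators.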

Targets

    • Target

      bedff7e6746849b6e5fb0ea7bcde146af3dc79346cb029b02186a50bae7ac06d

    • Size

      162KB

    • MD5

      046c49f5a3e504be961359c601e9dc19

    • SHA1

      866943b18c25c46f939ac4e7faa1c058c1759773

    • SHA256

      bedff7e6746849b6e5fb0ea7bcde146af3dc79346cb029b02186a50bae7ac06d

    • SHA512

      58b42cc1f1911658cb3ed6840df4c6b950a5e35023ff8cba9ee6acf65c82aee325e69bcce39f2a0bd32d602d7b22ac6080b5384ee6ca36348123b228cdc9dcdd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks