General

  • Target

    d0436de97af1abb92ac360741de44305d05906d9e164ece80fabbe10579cb12d

  • Size

    162KB

  • Sample

    210628-fdagc3z1z2

  • MD5

    6b8966cff56ad4cc67b25f6baeb1f351

  • SHA1

    f8fc69d9fed1219a7c8ae42745376d57eac49186

  • SHA256

    d0436de97af1abb92ac360741de44305d05906d9e164ece80fabbe10579cb12d

  • SHA512

    067316a3d6aee31a34ef5ece0ea4f9fc71a65cda5f61c3a4751d44363705697d5f8d470b044917bfa86e5a99449a4a5a431778f7c13add0085d740944663dcca

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
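The extracted config above (botnet ID plus three C2 endpoints) is the part of this report a defender acts on. The following is an added example, not part of the sandbox report and not the malware's own code: it matches the listed C2 endpoints against constructed firewall-style connection log lines and emits one Suricata rule per endpoint. The log format, the hostnames and the rule sids are assumptions made for illustration.

```python
"""Match the C2 endpoints extracted from this Dridex sample against connection logs."""
import ipaddress
import re

# Configuration as extracted in the report above (family, botnet, C2 list).
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        ("107.172.227.10", 443),
        ("172.93.133.123", 2303),
        ("108.168.61.147", 8172),
    ],
}

# Constructed sample log lines (hypothetical firewall export, not from the report).
# Line 4 reuses a C2 address on a different port and must NOT match.
SAMPLE_LOG = """\
2021-06-28T14:02:11Z conn src=10.0.0.15 dst=107.172.227.10 dport=443 proto=tcp
2021-06-28T14:02:12Z conn src=10.0.0.15 dst=142.250.74.78 dport=443 proto=tcp
2021-06-28T14:02:40Z conn src=10.0.0.22 dst=172.93.133.123 dport=2303 proto=tcp
2021-06-28T14:03:01Z conn src=10.0.0.22 dst=108.168.61.147 dport=80 proto=tcp
2021-06-28T14:03:05Z conn src=10.0.0.31 dst=108.168.61.147 dport=8172 proto=tcp
"""

# Assumed log layout: "src=<ip> dst=<ip> dport=<port>" somewhere on each line.
LINE_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")


def c2_set(config):
    """Normalise the C2 list into a set of (ip_address, port) tuples."""
    return {(ipaddress.ip_address(ip), port) for ip, port in config["c2"]}


def scan_log(text, config):
    """Return (line_no, src, dst, port) for every line whose destination is a C2.

    The match is on the (ip, port) pair, not the IP alone, so traffic to the
    same host on an unrelated port is not flagged.
    """
    c2 = c2_set(config)
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = LINE_RE.search(line)
        if not m:
            continue
        try:
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:  # malformed address in the log, skip it
            continue
        port = int(m["dport"])
        if (dst, port) in c2:
            hits.append((line_no, m["src"], str(dst), port))
    return hits


def suricata_rules(config, base_sid=9000000):
    """Emit one Suricata rule per C2 endpoint. The sid range is a placeholder."""
    rules = []
    for i, (ip, port) in enumerate(config["c2"]):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"{config["family"]} botnet {config["botnet"]} C2 traffic"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG, DRIDEX_CONFIG):
        print("C2 contact:", hit)
    print("\n".join(suricata_rules(DRIDEX_CONFIG)))
```

Matching on the IP and port pair is deliberate: an IP-only match would also flag unrelated traffic to the same host, which matters when a C2 node is a shared or compromised server. The trade-off is that a port change on the operator's side is missed, so treat these endpoints as a snapshot from this sample rather than a durable indicator.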

Targets

    • Target

      d0436de97af1abb92ac360741de44305d05906d9e164ece80fabbe10579cb12d

    • Size

      162KB

    • MD5

      6b8966cff56ad4cc67b25f6baeb1f351

    • SHA1

      f8fc69d9fed1219a7c8ae42745376d57eac49186

    • SHA256

      d0436de97af1abb92ac360741de44305d05906d9e164ece80fabbe10579cb12d

    • SHA512

      067316a3d6aee31a34ef5ece0ea4f9fc71a65cda5f61c3a4751d44363705697d5f8d470b044917bfa86e5a99449a4a5a431778f7c13add0085d740944663dcca

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks