General

  • Target

    4e7c154b4c4ef671a006a4546eaf640f71f656604fe4cfa5b6887a2bebeab992

  • Size

    162KB

  • Sample

    210628-h2hrjzs396

  • MD5

    706687cb159a0d656bf1e1b8b16e0678

  • SHA1

    48d47886e1c83a88e8420da053440f4f60ead167

  • SHA256

    4e7c154b4c4ef671a006a4546eaf640f71f656604fe4cfa5b6887a2bebeab992

  • SHA512

    6ce832dafe423ad469e39710e2fb9185be61c7d91ff9a5144c39b48cd0062269742c0f50b5bb04025952a335e2b47ac0e2a62ca066803ecc6ce96d376dacc1f2

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
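The extracted config above (botnet id, three C2 endpoints, sample hashes) is directly usable as indicators. The following is an added example, not part of the sandbox report or any tool it describes: it takes the indicators copied from this page and runs them over a constructed proxy log and a constructed EDR hash export. The log format, the export format, every log line and every path below are assumptions made for the demonstration.

```python
"""IOC matching from the extracted Dridex config above.

Added example, not part of the sandbox report. The indicators (botnet id,
C2 endpoints, SHA256) are copied from the report; the log format, the
EDR export format and every sample line below are constructed.
"""
import re
from dataclasses import dataclass

# Indicators copied from the report above.
EXTRACTED_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": ["107.172.227.10:443", "172.93.133.123:2303", "108.168.61.147:8172"],
}
SAMPLE_SHA256 = "4e7c154b4c4ef671a006a4546eaf640f71f656604fe4cfa5b6887a2bebeab992"


@dataclass(frozen=True)
class Hit:
    kind: str        # "c2" or "hash"
    indicator: str   # matched value, e.g. "107.172.227.10:443"
    context: str     # the log line or file path that matched


def parse_c2(entry: str) -> tuple[str, int]:
    """Split 'host:port' into (host, port); rpartition tolerates IPv6 hosts."""
    host, _, port = entry.rpartition(":")
    return host, int(port)


def c2_index(config: dict) -> dict[str, int]:
    """host -> port for every C2 in the extracted config."""
    return dict(parse_c2(e) for e in config["c2"])


# Constructed proxy-log format (hypothetical): "<ts> <src_ip> -> <dst_ip>:<port> <verdict>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+)\s+->\s+(?P<dst>[\d.]+):(?P<port>\d+)\s+(?P<verdict>\S+)$"
)


def scan_log(lines, config=EXTRACTED_CONFIG, strict_port=True) -> list[Hit]:
    """Flag connections to extracted C2 hosts.

    strict_port=True requires the exact host:port from the config.
    strict_port=False alerts on the host alone, which catches the same
    infrastructure reused on another port at the cost of more noise.
    """
    idx = c2_index(config)
    hits = []
    for raw in lines:
        m = LOG_RE.match(raw.strip())
        if not m:          # unparseable line: skip rather than abort the scan
            continue
        dst, port = m["dst"], int(m["port"])
        if dst in idx and (not strict_port or idx[dst] == port):
            hits.append(Hit("c2", f"{dst}:{port}", raw.strip()))
    return hits


def scan_hash_export(lines, sha256=SAMPLE_SHA256) -> list[Hit]:
    """Match a constructed 'path,sha256' EDR export against the sample hash.

    Comparison is case-insensitive because exports differ in hex casing.
    """
    hits = []
    for raw in lines:
        path, _, digest = raw.strip().rpartition(",")
        if digest.lower() == sha256.lower():
            hits.append(Hit("hash", f"sha256:{sha256}", path))
    return hits


# Constructed sample data (not from the report).
PROXY_LOG = [
    "2021-06-28T10:02:11Z 10.0.0.15 -> 107.172.227.10:443 ALLOW",
    "2021-06-28T10:02:14Z 10.0.0.15 -> 93.184.216.34:443 ALLOW",
    "2021-06-28T10:03:40Z 10.0.0.22 -> 172.93.133.123:2303 DENY",
    "2021-06-28T10:04:01Z 10.0.0.22 -> 108.168.61.147:443 ALLOW",  # C2 host, other port
    "garbage line that does not parse",
]
EDR_EXPORT = [
    r"C:\Users\alice\AppData\Local\Temp\invoice.dll,4E7C154B4C4EF671A006A4546EAF640F71F656604FE4CFA5B6887A2BEBEAB992",
    r"C:\Windows\System32\kernel32.dll,0000000000000000000000000000000000000000000000000000000000000000",
]

if __name__ == "__main__":
    for hit in scan_log(PROXY_LOG) + scan_log(PROXY_LOG, strict_port=False) + scan_hash_export(EDR_EXPORT):
        print(hit)
```

With strict port matching only the two exact C2 endpoints fire; the third line hitting 108.168.61.147 on 443 instead of 8172 is only caught with `strict_port=False`, which is the trade-off to decide per environment since Dridex C2 ports vary between configs while the hosts are often reused.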

Targets

    • Target

      4e7c154b4c4ef671a006a4546eaf640f71f656604fe4cfa5b6887a2bebeab992

    • Size

      162KB

    • MD5

      706687cb159a0d656bf1e1b8b16e0678

    • SHA1

      48d47886e1c83a88e8420da053440f4f60ead167

    • SHA256

      4e7c154b4c4ef671a006a4546eaf640f71f656604fe4cfa5b6887a2bebeab992

    • SHA512

      6ce832dafe423ad469e39710e2fb9185be61c7d91ff9a5144c39b48cd0062269742c0f50b5bb04025952a335e2b47ac0e2a62ca066803ecc6ce96d376dacc1f2

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks