General

  • Target

    88f885b80f7af3f4b26d36575d133852c1373e2dbc8bf42f6d1f5f123b6b930b

  • Size

    162KB

  • Sample

    210628-jpdzn9q93e

  • MD5

    2a75dda1ccd89ec68447b500524cbeff

  • SHA1

    239fba976fbd21ceccd3d98f3ee02acee0425fd8

  • SHA256

    88f885b80f7af3f4b26d36575d133852c1373e2dbc8bf42f6d1f5f123b6b930b

  • SHA512

    2f4e0dec8d0ea9576a2939d1a879eefa64cc1f788625df94692b227a2b08c19cf636ecdf8774fa4264180c14c1e97081b48e5b761c63039d7b2af548eb3f1152

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    107.172.227.10:443
    172.93.133.123:2303
    108.168.61.147:8172

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks