General

  • Target

    e5ee59d1b08258593312c1582836bd31e1a59f16cd37712c96932d56ef77c419

  • Size

    162KB

  • Sample

    210628-l1g39pj58e

  • MD5

    716bb68754c69e96d02c205d7674297d

  • SHA1

    3eb843f0b5a393b3d652765b73dcbaa137450df1

  • SHA256

    e5ee59d1b08258593312c1582836bd31e1a59f16cd37712c96932d56ef77c419

  • SHA512

    77a3570924167a11ea3bc2fcd0087541b85e65476eb2b03850c5033086c519304fab3ce51121468674fd8633e30aef2aef4bba0f663d6cd0e368ae4b1f6ef060

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks