General

  • Target

    9e60b9a23d5ae2cc2a2bf2f1a75c0b2e163fd415cf4b0f21f807034e6263ec7d

  • Size

    158KB

  • Sample

    210629-337ddtmwje

  • MD5

    f712711c570834a5b5bb5c95310d1682

  • SHA1

    7de0952608a2dcb1caf7356ff7133ffdf1c2641c

  • SHA256

    9e60b9a23d5ae2cc2a2bf2f1a75c0b2e163fd415cf4b0f21f807034e6263ec7d

  • SHA512

    f1559fd03f9aa67473fae600ec07f0ef87cb5abdb7741556632ed5a5465f171f99a7ef6c1c234f9512784d4805eadbf8321288de80ec8ba27f6e6dee04573a2e

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    8.210.53.215:443

    72.249.22.245:2303

    188.40.137.206:8172

  • rc4.plain

  • rc4.plain

Targets

    • Target

      9e60b9a23d5ae2cc2a2bf2f1a75c0b2e163fd415cf4b0f21f807034e6263ec7d

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks