General

  • Target

    4ff21108a746a1b709948b8b5157973c3a6061231f2455cb7997b46a9e394222

  • Size

    162KB

  • Sample

    210629-4dm1e2m8ea

  • MD5

    79af7296f4c24ceb2060c340803fe3ff

  • SHA1

    3b1612772b8d7a81ff4ac2fa2184f497e304ec50

  • SHA256

    4ff21108a746a1b709948b8b5157973c3a6061231f2455cb7997b46a9e394222

  • SHA512

    f3882efba4251a09bb58e859ce0808d79248012b6fab661eeeab415b32c133bbbb62dce54ef061c0c35e07d8969ffb85d0da6eecf1633a2f722bee8fdfee2e10

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 variants, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks