General

  • Target

    9ab6fd6ed9dd5079947784653db033e2bf53b620b3c13df5154c1ea46cb8f066

  • Size

    162KB

  • Sample

    210629-865aaawt2a

  • MD5

    1ae491059d4b5612e70210f58ca9e305

  • SHA1

    f459a02b5e456f5af32782c4df43e7a9e7ca8e60

  • SHA256

    9ab6fd6ed9dd5079947784653db033e2bf53b620b3c13df5154c1ea46cb8f066

  • SHA512

    073206fbd121645621216cbcdc292f668b21db2a447108dd6937a6d5eb2d6ea6cf232bc3a26f5f0b4f67e25c421faf4b8054c26a07ae801658e4d70410877275

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
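The extracted config above gives three C2 host:port pairs and the General section gives the loader's hashes; the natural next step is to turn them into detections. The following is an added example, not part of the sandbox report or of the Dridex sample: it matches the report's IOCs against constructed log lines (a simplified Zeek conn.log layout and Sysmon-style Image=/Hashes= fields, both made up here) and emits one Suricata rule per C2. The `strict` flag shows the practitioner's trade-off: the report lists one port per host, but Dridex configs rotate ports, so host-only matching catches the next config at the cost of more false positives. Sid numbers are an assumption.

```python
"""Match the IOCs this report extracted (Dridex botnet 40112) against
constructed log lines. Added example, not part of the sandbox report.
Log formats below are simplified Zeek conn.log and Sysmon-style fields,
constructed here for illustration; adapt the parsers to real telemetry."""
import re

BOTNET = "40112"

# C2 endpoints copied from the report's Malware Config section.
C2 = {
    ("107.172.227.10", 443),
    ("172.93.133.123", 2303),
    ("108.168.61.147", 8172),
}
C2_HOSTS = {host for host, _port in C2}

# File hashes copied from the report's General section.
HASHES = {
    "md5": "1ae491059d4b5612e70210f58ca9e305",
    "sha1": "f459a02b5e456f5af32782c4df43e7a9e7ca8e60",
    "sha256": "9ab6fd6ed9dd5079947784653db033e2bf53b620b3c13df5154c1ea46cb8f066",
}

# Constructed flows (not from the report), tab-separated:
# id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = (
    "10.0.0.5\t51234\t107.172.227.10\t443\ttcp\n"
    "10.0.0.5\t51235\t172.93.133.123\t2303\ttcp\n"
    "10.0.0.7\t51236\t93.184.216.34\t443\ttcp\n"
    "10.0.0.5\t51237\t108.168.61.147\t8172\ttcp\n"
    "10.0.0.9\t51238\t107.172.227.10\t80\ttcp\n"  # listed host, other port
)

# Constructed Sysmon-style process-create lines (not from the report).
PROC_LOG = r"""
Image=C:\Users\u\AppData\Local\Temp\x.dll Hashes=MD5=1AE491059D4B5612E70210F58CA9E305,SHA256=9AB6FD6ED9DD5079947784653DB033E2BF53B620B3C13DF5154C1EA46CB8F066
Image=C:\Windows\System32\notepad.exe Hashes=MD5=00000000000000000000000000000000,SHA256=1111111111111111111111111111111111111111111111111111111111111111
"""


def match_conn_log(text, strict=True):
    """Return (orig_h, resp_h, resp_p) for flows to a listed C2.

    strict=True requires the exact host:port pair from the config.
    strict=False matches on host alone: Dridex configs rotate ports, so
    a host-level match catches the next config at the cost of more
    false positives on hosts that also serve legitimate traffic."""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        orig_h, _orig_p, resp_h, resp_p, _proto = line.split("\t")
        resp_p = int(resp_p)
        if (resp_h, resp_p) in C2 or (not strict and resp_h in C2_HOSTS):
            hits.append((orig_h, resp_h, resp_p))
    return hits


IMAGE_RE = re.compile(r"Image=(\S+)")
HASH_RE = re.compile(r"(SHA256|SHA1|MD5)=([0-9A-Fa-f]+)")


def match_proc_log(text):
    """Return {image: [matched hash algorithms]} for lines whose Hashes=
    field carries one of the report's digests. Comparison is
    case-insensitive because Sysmon logs upper-case hex."""
    hits = {}
    for line in text.splitlines():
        image = IMAGE_RE.search(line)
        if not image:
            continue
        for algo, digest in HASH_RE.findall(line):
            if HASHES.get(algo.lower()) == digest.lower():
                hits.setdefault(image.group(1), []).append(algo.lower())
    return hits


def suricata_rules(base_sid=1000001):
    """Emit one Suricata rule per C2 endpoint. The sid range is an
    assumption; pick one that does not collide with your rule sets."""
    rules = []
    for i, (host, port) in enumerate(sorted(C2)):
        rules.append(
            f"alert tcp $HOME_NET any -> {host} {port} "
            f'(msg:"Dridex botnet {BOTNET} C2 {host}:{port}"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    for hit in match_conn_log(CONN_LOG, strict=False):
        print("C2 flow:", hit)
    for image, algos in match_proc_log(PROC_LOG).items():
        print("hash match:", image, algos)
    print("\n".join(suricata_rules()))
```

Run as-is, the script flags the three exact C2 flows plus, in non-strict mode, the fourth flow to 107.172.227.10 on port 80, and matches both the MD5 and SHA256 of the dropped DLL while ignoring notepad.exe. Hash-based matching only catches this exact build; the C2 rules survive repacking as long as the config's infrastructure is reused.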

Targets

    • Target

      9ab6fd6ed9dd5079947784653db033e2bf53b620b3c13df5154c1ea46cb8f066

    • Size

      162KB

    • MD5

      1ae491059d4b5612e70210f58ca9e305

    • SHA1

      f459a02b5e456f5af32782c4df43e7a9e7ca8e60

    • SHA256

      9ab6fd6ed9dd5079947784653db033e2bf53b620b3c13df5154c1ea46cb8f066

    • SHA512

      073206fbd121645621216cbcdc292f668b21db2a447108dd6937a6d5eb2d6ea6cf232bc3a26f5f0b4f67e25c421faf4b8054c26a07ae801658e4d70410877275

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks