General

  • Target

    436b702f02716cdd81dd75653458520f42341e597ae0f8ffb8c894694795beb8

  • Size

    162KB

  • Sample

    210629-8wq1cjj4as

  • MD5

    3869e4fbc57027b71eb57af22fb732f7

  • SHA1

    13bb492e01dccc328e2ae7b6890518909cd17bf9

  • SHA256

    436b702f02716cdd81dd75653458520f42341e597ae0f8ffb8c894694795beb8

  • SHA512

    77fe514ca29c05fa95f1d803ea1c18d99701a45ce5eb11ea30290c5320a4f0ccc53d1095a83d8f2856d281af708e54cd12634e90dd5897848cda108a254cdc13

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      436b702f02716cdd81dd75653458520f42341e597ae0f8ffb8c894694795beb8

    • Size

      162KB

    • MD5

      3869e4fbc57027b71eb57af22fb732f7

    • SHA1

      13bb492e01dccc328e2ae7b6890518909cd17bf9

    • SHA256

      436b702f02716cdd81dd75653458520f42341e597ae0f8ffb8c894694795beb8

    • SHA512

      77fe514ca29c05fa95f1d803ea1c18d99701a45ce5eb11ea30290c5320a4f0ccc53d1095a83d8f2856d281af708e54cd12634e90dd5897848cda108a254cdc13

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks