General

  • Target

    8ac9f94f71012aabc992d86e3dc3ab31efe7dd38b810f0234571036598628f2b

  • Size

    162KB

  • Sample

    210629-bze11qfjwa

  • MD5

    66aa4a2de4c419d5dea25e27d271dbec

  • SHA1

    d597be140b112514111094c38537471244d81a34

  • SHA256

    8ac9f94f71012aabc992d86e3dc3ab31efe7dd38b810f0234571036598628f2b

  • SHA512

    6ee920cb59caf0cd7643d6a1b3bd41914110ab2283511ace356568de38e49fe44b70ac35ce9fb3e12c4f98c66b03bdf44ab13ab3bf0ab104ffa4bc8792fe5b90

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      8ac9f94f71012aabc992d86e3dc3ab31efe7dd38b810f0234571036598628f2b

    • Size

      162KB

    • MD5

      66aa4a2de4c419d5dea25e27d271dbec

    • SHA1

      d597be140b112514111094c38537471244d81a34

    • SHA256

      8ac9f94f71012aabc992d86e3dc3ab31efe7dd38b810f0234571036598628f2b

    • SHA512

      6ee920cb59caf0cd7643d6a1b3bd41914110ab2283511ace356568de38e49fe44b70ac35ce9fb3e12c4f98c66b03bdf44ab13ab3bf0ab104ffa4bc8792fe5b90

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks