General

  • Target

    917342901f51b577c44142e8e1f50ceb8f9786cd5e39639efe440b91bdd8bfde

  • Size

    158KB

  • Sample

    210629-e321f8579x

  • MD5

    3827940249afda1d827bf14bd0c539b9

  • SHA1

    9c57328079e5fd2eae2972c5778ae4fa3ead6977

  • SHA256

    917342901f51b577c44142e8e1f50ceb8f9786cd5e39639efe440b91bdd8bfde

  • SHA512

    8b648f92f5907f489723c15bb2b38cc1bc6e5223f9d0b65d77d995650593e83c22a8507a9d61c97222b0bfced621e5a028454d77f160b808fc874a7e72ea9532

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Target

      917342901f51b577c44142e8e1f50ceb8f9786cd5e39639efe440b91bdd8bfde (158KB; MD5, SHA1, SHA256 and SHA512 as listed under General above)

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specialises in stealing online-banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled (typically by reading the EnableLUA policy value from the registry, a common pre-check before attempting a UAC bypass)
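The hashes and the extracted C2 list above are the indicators a defender would actually hunt with. The following is an added example, not part of this report or of any Triage tooling: it turns the config into a lookup set, matches connection log lines against it (exact ip:port hits and same-IP-other-port near misses, since Dridex C2s sit on non-standard ports), and checks a file's digests against the four reported hashes. The log format and all log lines are constructed for the example; only the IOCs are taken from the page.

```python
import hashlib
import ipaddress
import re

# Indicators copied from the extracted config and hash fields of this report.
DRIDEX_BOTNET = "40112"
DRIDEX_C2 = ["8.210.53.215:443", "72.249.22.245:2303", "188.40.137.206:8172"]
SAMPLE_HASHES = {
    "md5": "3827940249afda1d827bf14bd0c539b9",
    "sha1": "9c57328079e5fd2eae2972c5778ae4fa3ead6977",
    "sha256": "917342901f51b577c44142e8e1f50ceb8f9786cd5e39639efe440b91bdd8bfde",
    "sha512": "8b648f92f5907f489723c15bb2b38cc1bc6e5223f9d0b65d77d995650593e83c"
              "22a8507a9d61c97222b0bfced621e5a028454d77f160b808fc874a7e72ea9532",
}


def parse_c2(entries):
    """Turn 'ip:port' strings into a set of (IPv4Address, port) tuples.
    ip_address() also rejects anything that is not a literal IP."""
    c2 = set()
    for entry in entries:
        host, _, port = entry.rpartition(":")
        c2.add((ipaddress.ip_address(host), int(port)))
    return c2


def hash_bytes(data):
    """Hex digests for the four algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def match_hashes(data, known=SAMPLE_HASHES):
    """Names of every algorithm whose digest of `data` equals the reported
    value: all four for the real sample, an empty list for anything else."""
    digests = hash_bytes(data)
    return sorted(algo for algo, value in known.items() if digests[algo] == value)


# Constructed key=value log format (an assumption, not from the page).
LOG_RE = re.compile(r"src=(?P<src>\S+)\s+dst=(?P<dst>[0-9.]+)\s+dport=(?P<dport>\d+)")


def scan_log(lines, c2_entries=DRIDEX_C2):
    """Classify each connection: 'c2' when ip:port matches the config exactly,
    'ip_only' when only the IP matches (another port on a known C2 host still
    deserves a look); lines that do not parse or do not match are skipped."""
    exact = parse_c2(c2_entries)
    known_ips = {ip for ip, _ in exact}
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        dst = ipaddress.ip_address(m["dst"])
        port = int(m["dport"])
        if (dst, port) in exact:
            hits.append(("c2", m["src"], f"{dst}:{port}"))
        elif dst in known_ips:
            hits.append(("ip_only", m["src"], f"{dst}:{port}"))
    return hits


# Constructed sample lines for a dry run; only the destination C2 IPs are real.
SAMPLE_LOG = [
    "2021-06-29T08:14:02Z fw01 src=10.0.0.12 dst=8.210.53.215 dport=443 proto=tcp action=allow",
    "2021-06-29T08:14:05Z fw01 src=10.0.0.12 dst=93.184.216.34 dport=443 proto=tcp action=allow",
    "2021-06-29T08:15:41Z fw01 src=10.0.0.31 dst=188.40.137.206 dport=8172 proto=tcp action=allow",
    "2021-06-29T08:16:00Z fw01 src=10.0.0.31 dst=72.249.22.245 dport=80 proto=tcp action=allow",
    "2021-06-29T08:16:07Z fw01 malformed line with no fields",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
    print(match_hashes(b"not the sample"))  # -> []
```

The ip_only class is deliberate: the report gives exact ports, but hosting reused for Dridex C2 is worth flagging even when the port differs, and it costs nothing to separate the two confidence levels rather than collapse them into one alert.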

MITRE ATT&CK Enterprise v6

Tasks