General

  • Target

    e7c7b3348dcfd5d2e2aa4e155ea66624126f15c77d7458ec069138fe9ee5b7e3

  • Size

    162KB

  • Sample

    210629-jsl9p9ntn6

  • MD5

    25f80dae11fdf8100b89e76957b5194e

  • SHA1

    7e4701903b31f8a10c5501ddc049e0e33b2645be

  • SHA256

    e7c7b3348dcfd5d2e2aa4e155ea66624126f15c77d7458ec069138fe9ee5b7e3

  • SHA512

    f4d62e4571931028e8f79c09e2772c202e58c15a2122b9780e0b5402e1e37f6272db677a66b5e4a445d9b8c33b10282dcf36cc0b80e615b8049e31f91eef6120

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      e7c7b3348dcfd5d2e2aa4e155ea66624126f15c77d7458ec069138fe9ee5b7e3

    • Size

      162KB

    • MD5

      25f80dae11fdf8100b89e76957b5194e

    • SHA1

      7e4701903b31f8a10c5501ddc049e0e33b2645be

    • SHA256

      e7c7b3348dcfd5d2e2aa4e155ea66624126f15c77d7458ec069138fe9ee5b7e3

    • SHA512

      f4d62e4571931028e8f79c09e2772c202e58c15a2122b9780e0b5402e1e37f6272db677a66b5e4a445d9b8c33b10282dcf36cc0b80e615b8049e31f91eef6120

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks