General

  • Target

    83f118fe48876701826f8396eda0751422f0f9b015eaca035869453ce8c13ff6

  • Size

    158KB

  • Sample

    210629-jtt7nlfb22

  • MD5

    8dfecb4f51966e4307dd252da5d4170d

  • SHA1

    3ac30aaccd49206ed83d294cec8d292ea9283fac

  • SHA256

    83f118fe48876701826f8396eda0751422f0f9b015eaca035869453ce8c13ff6

  • SHA512

    02be698466459c2c4f8433994470c69495bef1b4b1ac8a459e9e345c65ad09a6876a500aae27c9b9a75de0117849b8b0fd47c9179949009fde430280795d90c1

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks