General

  • Target

    b379b0908234069f04b422ddfb1bb1b0ad3cecace468e9fc6f4b6571ff00f51f

  • Size

    162KB

  • Sample

    210629-nn3dprbehe

  • MD5

    46ebf92b730bdb9bc70a03ca395105e8

  • SHA1

    b484bfb97d232fc8349c1420f93b301905d592fb

  • SHA256

    b379b0908234069f04b422ddfb1bb1b0ad3cecace468e9fc6f4b6571ff00f51f

  • SHA512

    27c01a43f897b5287f691ce146a040140568a2f08373dacec02b63bdb9f2c38351517e023159d54fe02ba69ffebd702271bb7d5117780add3b4ca87d54e200df

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
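The extracted configuration above is most useful once it is turned into something that can be matched against traffic. The following added example (not part of the original report, and not tooling from the sandbox that produced it) takes the botnet ID and C2 list exactly as listed on this page, validates the ip:port entries, runs them over a few constructed proxy/firewall log lines in an assumed "src=ip:port dst=ip:port" format, and emits a Suricata-style alert rule per endpoint. It also shows the trade-off between matching on the exact ip:port pair (tighter, but misses the same host on another port; note that two of the three C2 entries use non-standard ports) and matching on the IP alone. The log lines, field layout and rule SIDs are assumptions for illustration.

```python
import ipaddress
import json
import re

# Extracted configuration as reported on this page (family, botnet ID, C2 list).
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "40112",
    "c2": [
        "107.172.227.10:443",
        "172.93.133.123:2303",
        "108.168.61.147:8172",
    ],
}


def parse_c2(entries):
    """Turn 'ip:port' strings into (ip, port) tuples, validating both halves."""
    out = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)  # raises ValueError on a malformed address
        port = int(port)
        if not 0 < port < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append((str(ip), port))
    return out


# Constructed proxy/firewall log lines for illustration (not from the page).
# Assumed format: "<ts> src=<ip>:<port> dst=<ip>:<port> proto=<tcp|udp>".
SAMPLE_LOG = """\
2021-06-29T10:14:02Z src=10.0.0.12:51234 dst=107.172.227.10:443 proto=tcp
2021-06-29T10:14:05Z src=10.0.0.12:51240 dst=93.184.216.34:443 proto=tcp
2021-06-29T10:15:11Z src=10.0.0.44:49812 dst=172.93.133.123:2303 proto=tcp
2021-06-29T10:15:40Z src=10.0.0.44:49830 dst=108.168.61.147:80 proto=tcp
2021-06-29T10:16:03Z src=10.0.0.19:50001 dst=108.168.61.147:8172 proto=tcp
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>[\d.]+):(?P<sport>\d+) "
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def match_flows(log_text, c2_pairs, ip_only=False):
    """Return log records whose destination hits a C2 entry.

    ip_only=False requires the destination port to match as well, which is
    tighter (fewer false positives on shared hosting) but misses the same
    server contacted on another port. ip_only=True matches any port on a
    known C2 address.
    """
    exact = set(c2_pairs)
    ips = {ip for ip, _ in c2_pairs}
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        dst, dport = m["dst"], int(m["dport"])
        if (dst, dport) in exact or (ip_only and dst in ips):
            hits.append({"ts": m["ts"], "src": m["src"], "dst": dst, "dport": dport})
    return hits


def suricata_rules(c2_pairs, base_sid=9000000):
    """Emit one Suricata/Snort-style alert rule per C2 endpoint (SIDs assumed)."""
    rules = []
    for i, (ip, port) in enumerate(c2_pairs):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {DRIDEX_CONFIG["botnet"]} C2 {ip}:{port}"; '
            f"sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    pairs = parse_c2(DRIDEX_CONFIG["c2"])
    print(json.dumps(match_flows(SAMPLE_LOG, pairs), indent=2))
    print(json.dumps(match_flows(SAMPLE_LOG, pairs, ip_only=True), indent=2))
    print("\n".join(suricata_rules(pairs)))
```

On the constructed log, exact ip:port matching flags three flows, while IP-only matching also catches the fourth line (a connection to 108.168.61.147 on port 80). When retro-hunting, start with the IP-only mode and then use the port to rank the hits.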

Targets

    • Target

      b379b0908234069f04b422ddfb1bb1b0ad3cecace468e9fc6f4b6571ff00f51f

    • Size

      162KB

    • MD5

      46ebf92b730bdb9bc70a03ca395105e8

    • SHA1

      b484bfb97d232fc8349c1420f93b301905d592fb

    • SHA256

      b379b0908234069f04b422ddfb1bb1b0ad3cecace468e9fc6f4b6571ff00f51f

    • SHA512

      27c01a43f897b5287f691ce146a040140568a2f08373dacec02b63bdb9f2c38351517e023159d54fe02ba69ffebd702271bb7d5117780add3b4ca87d54e200df

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks