General

  • Target

    269dcf7ec0b93a5d2655e2d33b7c465d262e8886e0b256a59948ca38a185b234

  • Size

    158KB

  • Sample

    210629-qxndd6c8mj

  • MD5

    472cb0ee6eefd093b7eba00e3b217c97

  • SHA1

    43436fa5c8b52d44adf58d9414243fa081df7a44

  • SHA256

    269dcf7ec0b93a5d2655e2d33b7c465d262e8886e0b256a59948ca38a185b234

  • SHA512

    d0beb24ef9bb252d7a00bb1ba06ffc81458c35d02308b872557dc6c69f37e815c288b788fdd7f4d2a75f0f7d8ef70ad1b1a3c8cccb2b41d944c9564299b44359

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks