General

  • Target

    8c688995ecc76c67a7f09ef52e864b700342fb014dd97ac4d77463c90e6ae114

  • Size

    162KB

  • Sample

    210629-wlsw4v8842

  • MD5

    877ba421915a1026326a42dbd51ce109

  • SHA1

    d5e96903093b40a7dfe088985d8fd3cd2cf6aa18

  • SHA256

    8c688995ecc76c67a7f09ef52e864b700342fb014dd97ac4d77463c90e6ae114

  • SHA512

    ff77e3a063a382461ba12a67b6d8ed912fbe2b645644b698a50838e901ff91b27b55ae15c200c7f5539f4da7fd21d335da968bed930c97f25656f414fef032a7

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Target

      8c688995ecc76c67a7f09ef52e864b700342fb014dd97ac4d77463c90e6ae114

    • Size

      162KB

    • MD5

      877ba421915a1026326a42dbd51ce109

    • SHA1

      d5e96903093b40a7dfe088985d8fd3cd2cf6aa18

    • SHA256

      8c688995ecc76c67a7f09ef52e864b700342fb014dd97ac4d77463c90e6ae114

    • SHA512

      ff77e3a063a382461ba12a67b6d8ed912fbe2b645644b698a50838e901ff91b27b55ae15c200c7f5539f4da7fd21d335da968bed930c97f25656f414fef032a7

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks