General

  • Target

    ddaece917bfe2ddfb416b3b85c9f797e7502efb7f819b43e811f46e8b397a524

  • Size

    162KB

  • Sample

    210629-zx83p4xg1j

  • MD5

    f19de481a699ab021d6b49a080f4fe54

  • SHA1

    732bfbf73732f7b2ce4df130cb72527ace661bb2

  • SHA256

    ddaece917bfe2ddfb416b3b85c9f797e7502efb7f819b43e811f46e8b397a524

  • SHA512

    b245e77e87fdea22ee5846d61619732db4cfe6e35353c24ce9212e21e84eac909e129b7afc5a8fea6f1c669a647d0a61da0306c612758e72bec8836c8cb0bc14

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain
rc4.plain
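The extracted config above (botnet ID 40112 and three C2 endpoints, two of them on non-standard ports) is the most immediately actionable part of this report. The following is an added example, not code from the sandbox page or the Dridex analysis: it parses the C2 list as reported, matches it against a handful of constructed connection-log lines (the log format, hosts and timestamps are hypothetical), and emits Suricata rules in a hypothetical local sid range. Matching on address alone is offered as an option because Dridex nodes are commonly reused on other ports than the one captured in a single sample.

```python
"""Turn the extracted Dridex config into detection logic.

Added example; the C2 list and botnet ID are copied from the report above,
everything else (log format, sample lines, sid range) is an assumption.
"""
import ipaddress
import re
from dataclasses import dataclass

# Extracted config as reported on the page (botnet ID and C2 list).
BOTNET_ID = "40112"
EXTRACTED_C2 = [
    "107.172.227.10:443",
    "172.93.133.123:2303",
    "108.168.61.147:8172",
]


@dataclass(frozen=True)
class Endpoint:
    ip: str
    port: int


def parse_c2(entries):
    """Validate 'ip:port' strings; raise on junk rather than silently skipping."""
    out = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"no port in {entry!r}")
        ipaddress.ip_address(host)  # raises ValueError on a malformed address
        p = int(port)
        if not 0 < p < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append(Endpoint(host, p))
    return out


# Constructed sample log, hypothetical format: "ts src_ip src_port dst_ip dst_port proto".
# Line 4 talks to a listed C2 address on a port the config does not list.
SAMPLE_LOG = """\
2021-06-29T20:15:01Z 10.0.0.25 51344 107.172.227.10 443 tcp
2021-06-29T20:15:02Z 10.0.0.25 51345 172.93.133.123 2303 tcp
2021-06-29T20:15:03Z 10.0.0.31 51346 142.250.74.78 443 tcp
2021-06-29T20:15:05Z 10.0.0.25 51347 108.168.61.147 443 tcp
2021-06-29T20:15:09Z 10.0.0.40 51348 108.168.61.147 8172 tcp
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\d+) (\S+) (\d+) (\S+)$")


def match_log(log_text, endpoints, ip_only=False):
    """Return (ts, src, dst, dport) for each line that reaches a C2 endpoint.

    ip_only=True also flags traffic to a C2 address on any port, which is the
    wider net you want when hunting rather than alerting.
    """
    exact = {(e.ip, e.port) for e in endpoints}
    ips = {e.ip for e in endpoints}
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, src, _sport, dst, dport, _proto = m.groups()
        dport = int(dport)
        if (dst, dport) in exact or (ip_only and dst in ips):
            hits.append((ts, src, dst, dport))
    return hits


def suricata_rules(endpoints, base_sid=9000000):
    """One outbound-connection rule per endpoint; base_sid is a hypothetical local range."""
    rules = []
    for i, e in enumerate(endpoints):
        rules.append(
            f"alert tcp $HOME_NET any -> {e.ip} {e.port} "
            f'(msg:"Dridex botnet {BOTNET_ID} C2 {e.ip}:{e.port}"; '
            f"flow:to_server; classtype:trojan-activity; sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    eps = parse_c2(EXTRACTED_C2)
    for hit in match_log(SAMPLE_LOG, eps, ip_only=True):
        print("C2 contact:", hit)
    print("\n".join(suricata_rules(eps)))
```

With the exact ip:port match the sample log yields three hits; switching to address-only matching adds the fourth line, which is the kind of port drift worth reviewing by hand before it goes into an alerting rule.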

Targets

    • Target

      ddaece917bfe2ddfb416b3b85c9f797e7502efb7f819b43e811f46e8b397a524

    • Size

      162KB

    • MD5

      f19de481a699ab021d6b49a080f4fe54

    • SHA1

      732bfbf73732f7b2ce4df130cb72527ace661bb2

    • SHA256

      ddaece917bfe2ddfb416b3b85c9f797e7502efb7f819b43e811f46e8b397a524

    • SHA512

      b245e77e87fdea22ee5846d61619732db4cfe6e35353c24ce9212e21e84eac909e129b7afc5a8fea6f1c669a647d0a61da0306c612758e72bec8836c8cb0bc14

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks