General

  • Target

    d0a9777d063838dbf9d566a8ae327c4e

  • Size

    173KB

  • Sample

    210726-43r5anj14n

  • MD5

    d0a9777d063838dbf9d566a8ae327c4e

  • SHA1

    6f92815c9209e5d1e1bc1100b5f6c59502ab32d8

  • SHA256

    cbe76441844bd0b28afb2b183f52ef3bec4c2a4b26884219049ba2618a823989

  • SHA512

    174082c78d9ea76724cee9736a07400e3cb24b1d4ba0d6f4e4e4ab2b89043633af5f67cb853edd6af33f894149c66787a4eecf69dfe35abea50c1b283fdceefb

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22202

  • C2

    45.79.33.48:443
    139.162.202.74:5007
    68.183.216.174:7443

  • rc4.plain

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • System Information Discovery (T1082): 1

Tasks