General

  • Target

    19224bfca1af04c5548f61f93877dfdda1194f9a3b018385d72e5bb96cc8b00d

  • Size

    173KB

  • Sample

    210727-twkn6t81mn

  • MD5

    f6d7184a7a5ea749feb9d767ba4ef007

  • SHA1

    fbbf4cd832b2dac5618d953e50a2f285ce529e39

  • SHA256

    19224bfca1af04c5548f61f93877dfdda1194f9a3b018385d72e5bb96cc8b00d

  • SHA512

    e80ee3f1c9f3b6fc4ac8107814a021648d3bd5fd5e0b1d517746f9256d8d3bcd0e633405b931b90c32522b272451d03d1b4d19840fa8700b81f6ec30b5245031

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

45.79.33.48:443

139.162.202.74:5007

68.183.216.174:7443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

System Information Discovery (T1082), 1 technique

Tasks