General

  • Target

    6be02ac7cee4f34435cf5fd802936eae

  • Size

    1.1MB

  • Sample

    240121-aqk2qabfc6

  • MD5

    6be02ac7cee4f34435cf5fd802936eae

  • SHA1

    4a1b80f0bebd072f3bde2ff5520d47817754a86e

  • SHA256

    139b80299714889bf1a8f98d261724fd5c1ed12282ef9c45d9d5d87f9f049686

  • SHA512

    d9bba030f39a66d94c396c138ac6d3ea142acb086aa5f222e9759d6ae225826ea44c3b6c514778c1a75951d30f7b548843dd1dee54af07541cb051400e34d68e

  • SSDEEP

    12288:fM+ZdkmHubeaCo6TRg522A/sUQBJ8Svp:fMcpTo6a00BO+

Malware Config

Extracted

Family

dridex

Botnet

10111

C2

176.9.89.122:10172

147.91.31.1:6225

103.30.247.115:7443

rc4.plain
rc4.plain

Targets

    • Target

      6be02ac7cee4f34435cf5fd802936eae

    • Size

      1.1MB

    • MD5

      6be02ac7cee4f34435cf5fd802936eae

    • SHA1

      4a1b80f0bebd072f3bde2ff5520d47817754a86e

    • SHA256

      139b80299714889bf1a8f98d261724fd5c1ed12282ef9c45d9d5d87f9f049686

    • SHA512

      d9bba030f39a66d94c396c138ac6d3ea142acb086aa5f222e9759d6ae225826ea44c3b6c514778c1a75951d30f7b548843dd1dee54af07541cb051400e34d68e

    • SSDEEP

      12288:fM+ZdkmHubeaCo6TRg522A/sUQBJ8Svp:fMcpTo6a00BO+

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks