General
-
Target
59601800fce93816880a6e2f325b8376d8fb2769fdb8fb57b146a366c9ed3cc9
-
Size
1.2MB
-
Sample
201111-1nmfsx38pj
-
MD5
ff65be4cf611293ec463d7902335d2e5
-
SHA1
a6c0295c1146db9ec0e5f206687891eeff94a4a8
-
SHA256
59601800fce93816880a6e2f325b8376d8fb2769fdb8fb57b146a366c9ed3cc9
-
SHA512
e69927547ca0326938a948c4215512100aeccd6d53c35906c4f8f4837063c23fde5896d2908715ea94d3ed0c7023984f57785db63ec55672077300c4cf706602
Malware Config
Extracted
dridex
10444
94.126.8.2:443
37.187.161.206:33443
209.59.199.129:4443
157.245.130.146:3786
Targets
-
-
Target
59601800fce93816880a6e2f325b8376d8fb2769fdb8fb57b146a366c9ed3cc9
-
Size
1.2MB
-
MD5
ff65be4cf611293ec463d7902335d2e5
-
SHA1
a6c0295c1146db9ec0e5f206687891eeff94a4a8
-
SHA256
59601800fce93816880a6e2f325b8376d8fb2769fdb8fb57b146a366c9ed3cc9
-
SHA512
e69927547ca0326938a948c4215512100aeccd6d53c35906c4f8f4837063c23fde5896d2908715ea94d3ed0c7023984f57785db63ec55672077300c4cf706602
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-