General
-
Target
2e02d19bbb22786751d949e485365fa060089f37a2eaca4131a6623f06ce3d12
-
Size
188KB
-
Sample
210224-9ahvdjw5pn
-
MD5
47033e31fbee6dcb98e04d2e1117472e
-
SHA1
cafc39ca3ab6fdf32bdfa125153907e9ca6c1131
-
SHA256
2e02d19bbb22786751d949e485365fa060089f37a2eaca4131a6623f06ce3d12
-
SHA512
5a321215652cca45077f713418395cfe1c5cca124a7cec37d8459721062ea02de8fac434ed5e4c64ad73ae80e805cacf7d4ba6d86828cb3232b9f5c784572a71
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
2e02d19bbb22786751d949e485365fa060089f37a2eaca4131a6623f06ce3d12
-
Size
188KB
-
MD5
47033e31fbee6dcb98e04d2e1117472e
-
SHA1
cafc39ca3ab6fdf32bdfa125153907e9ca6c1131
-
SHA256
2e02d19bbb22786751d949e485365fa060089f37a2eaca4131a6623f06ce3d12
-
SHA512
5a321215652cca45077f713418395cfe1c5cca124a7cec37d8459721062ea02de8fac434ed5e4c64ad73ae80e805cacf7d4ba6d86828cb3232b9f5c784572a71
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-