General
-
Target
f09a4b219affd8adb0e17c84f487448f7e634a254eeccad5e1094299eb7eeaf7
-
Size
188KB
-
Sample
210224-jbr3zrz59e
-
MD5
66c491374c8fa433e6f922845dff9a8e
-
SHA1
c93987310472d07870c61f42c1fcd8cd2e567ddf
-
SHA256
f09a4b219affd8adb0e17c84f487448f7e634a254eeccad5e1094299eb7eeaf7
-
SHA512
3347893535bd9464defc3b6d62b6a7ee1877d618d96cb9653885e677f8b029c2af8c89775d94e676bdb8d8384f5145699115c485cdb145e29d8cabff398b3f01
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
f09a4b219affd8adb0e17c84f487448f7e634a254eeccad5e1094299eb7eeaf7
-
Size
188KB
-
MD5
66c491374c8fa433e6f922845dff9a8e
-
SHA1
c93987310472d07870c61f42c1fcd8cd2e567ddf
-
SHA256
f09a4b219affd8adb0e17c84f487448f7e634a254eeccad5e1094299eb7eeaf7
-
SHA512
3347893535bd9464defc3b6d62b6a7ee1877d618d96cb9653885e677f8b029c2af8c89775d94e676bdb8d8384f5145699115c485cdb145e29d8cabff398b3f01
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-