General
-
Target
25a9b90bd047a1624b3c44e252978c45111a847e33c80b6f288baeec64fcd2de
-
Size
188KB
-
Sample
210224-pssqrs15g6
-
MD5
bde9b46ed0d784be1569db2e907ffc79
-
SHA1
e6e58e6c9418484c041ae483a50d0dddb46471cc
-
SHA256
25a9b90bd047a1624b3c44e252978c45111a847e33c80b6f288baeec64fcd2de
-
SHA512
0da7e0254fd96f0b8cc5fc5f06a9a65e9dc3cd056c9d2948fdc85748bbf7af662cee9b233ac1f44aef1b49017fea42162f2a7f3c384abdad7a5d1c9e0e1ecc4c
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
25a9b90bd047a1624b3c44e252978c45111a847e33c80b6f288baeec64fcd2de
-
Size
188KB
-
MD5
bde9b46ed0d784be1569db2e907ffc79
-
SHA1
e6e58e6c9418484c041ae483a50d0dddb46471cc
-
SHA256
25a9b90bd047a1624b3c44e252978c45111a847e33c80b6f288baeec64fcd2de
-
SHA512
0da7e0254fd96f0b8cc5fc5f06a9a65e9dc3cd056c9d2948fdc85748bbf7af662cee9b233ac1f44aef1b49017fea42162f2a7f3c384abdad7a5d1c9e0e1ecc4c
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-