General
-
Target
3a93fb6a1bc66210f59bbf8530adf810a662cfbe23ce3a7f1b9d273a90329a62
-
Size
188KB
-
Sample
210224-wylwr327aj
-
MD5
c4e1048c5b4525aaf02166d50e0ffbfa
-
SHA1
977d47ff895917dd896391064da76c1d8a96486d
-
SHA256
3a93fb6a1bc66210f59bbf8530adf810a662cfbe23ce3a7f1b9d273a90329a62
-
SHA512
74b1ff0af063e197376a23e31c23f16791ae006a13c2aa154e4498966d9c610a2a7facc1d611fe6abf2c157ebd7f023befba9331cd70a26c1a4e4e1ead4c535a
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
3a93fb6a1bc66210f59bbf8530adf810a662cfbe23ce3a7f1b9d273a90329a62
-
Size
188KB
-
MD5
c4e1048c5b4525aaf02166d50e0ffbfa
-
SHA1
977d47ff895917dd896391064da76c1d8a96486d
-
SHA256
3a93fb6a1bc66210f59bbf8530adf810a662cfbe23ce3a7f1b9d273a90329a62
-
SHA512
74b1ff0af063e197376a23e31c23f16791ae006a13c2aa154e4498966d9c610a2a7facc1d611fe6abf2c157ebd7f023befba9331cd70a26c1a4e4e1ead4c535a
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-