General
-
Target
90b95a7e9b8c465732117863638aa9b2086b9a3b1265e94efc9c63e80e1a1406
-
Size
188KB
-
Sample
210225-5ceqvx9k4n
-
MD5
14c4d320f2ef41575c734fac07c60824
-
SHA1
74621c36c1dab21a7b5b2e83df49d892ae26b02c
-
SHA256
90b95a7e9b8c465732117863638aa9b2086b9a3b1265e94efc9c63e80e1a1406
-
SHA512
37d630cbf3cda91b861dc819404365d6179c03fecc71a6e7ffa52add2beada8a62b5c061f12f8518faa73b4b34b08c85c415da495a7f71e754020ac30171fa69
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
90b95a7e9b8c465732117863638aa9b2086b9a3b1265e94efc9c63e80e1a1406
-
Size
188KB
-
MD5
14c4d320f2ef41575c734fac07c60824
-
SHA1
74621c36c1dab21a7b5b2e83df49d892ae26b02c
-
SHA256
90b95a7e9b8c465732117863638aa9b2086b9a3b1265e94efc9c63e80e1a1406
-
SHA512
37d630cbf3cda91b861dc819404365d6179c03fecc71a6e7ffa52add2beada8a62b5c061f12f8518faa73b4b34b08c85c415da495a7f71e754020ac30171fa69
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-