General
-
Target
5be952074f44f6df023c8ac6ee8f75be682b78674e0191ccfb9567e8ba56b586
-
Size
188KB
-
Sample
210225-lm7ap8b59j
-
MD5
02cd5903f5121ad288b4c9aa8b6b63a3
-
SHA1
e7090e0790696723ae5911322cccf6091a9e6142
-
SHA256
5be952074f44f6df023c8ac6ee8f75be682b78674e0191ccfb9567e8ba56b586
-
SHA512
5a84c7a280d94b98f0f23905f5aa54ea273bb0b2097678403acd7e9621b2d92c3420a78e030a14f897de3b28c52fd86ebc8a6eb48e850bd88a05f7af2f810585
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
5be952074f44f6df023c8ac6ee8f75be682b78674e0191ccfb9567e8ba56b586
-
Size
188KB
-
MD5
02cd5903f5121ad288b4c9aa8b6b63a3
-
SHA1
e7090e0790696723ae5911322cccf6091a9e6142
-
SHA256
5be952074f44f6df023c8ac6ee8f75be682b78674e0191ccfb9567e8ba56b586
-
SHA512
5a84c7a280d94b98f0f23905f5aa54ea273bb0b2097678403acd7e9621b2d92c3420a78e030a14f897de3b28c52fd86ebc8a6eb48e850bd88a05f7af2f810585
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-