General
-
Target
f06f58c991c3027d4c5d3dc17bb944a6db160867b460e0baa408fc74df1c688c
-
Size
188KB
-
Sample
210303-1zq28d2716
-
MD5
629b53ddabf28c5b67916ff5776c977c
-
SHA1
9e46b24d513d4c75d4e87a413075f776bf0c84c8
-
SHA256
f06f58c991c3027d4c5d3dc17bb944a6db160867b460e0baa408fc74df1c688c
-
SHA512
6787fdac970e4c2349013df410245c85a464006e57e47615a77935e95183ceeabb5dd5949de7a102bb2c81d430474518d9cce3d3244c45604d4cb1e99b816108
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
f06f58c991c3027d4c5d3dc17bb944a6db160867b460e0baa408fc74df1c688c
-
Size
188KB
-
MD5
629b53ddabf28c5b67916ff5776c977c
-
SHA1
9e46b24d513d4c75d4e87a413075f776bf0c84c8
-
SHA256
f06f58c991c3027d4c5d3dc17bb944a6db160867b460e0baa408fc74df1c688c
-
SHA512
6787fdac970e4c2349013df410245c85a464006e57e47615a77935e95183ceeabb5dd5949de7a102bb2c81d430474518d9cce3d3244c45604d4cb1e99b816108
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-