General
-
Target
a2599ff27e255a199db7c526b2973cdee7cdea22b852b2074157c3d0a0b7dfcc
-
Size
188KB
-
Sample
210303-j1l8xgjvje
-
MD5
555869311347b1235f50d7054cdb8180
-
SHA1
0df5edb8d34be9f95960c55f652123451c079f72
-
SHA256
a2599ff27e255a199db7c526b2973cdee7cdea22b852b2074157c3d0a0b7dfcc
-
SHA512
dafe2e510b2f2f3f82df08d94bce77806ec6b206e8c9b86209dd86e65a2e30cb98994568881e5f59554cf8546f01a692b4406219ffed91ffb448d3d2a800dc1f
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
a2599ff27e255a199db7c526b2973cdee7cdea22b852b2074157c3d0a0b7dfcc
-
Size
188KB
-
MD5
555869311347b1235f50d7054cdb8180
-
SHA1
0df5edb8d34be9f95960c55f652123451c079f72
-
SHA256
a2599ff27e255a199db7c526b2973cdee7cdea22b852b2074157c3d0a0b7dfcc
-
SHA512
dafe2e510b2f2f3f82df08d94bce77806ec6b206e8c9b86209dd86e65a2e30cb98994568881e5f59554cf8546f01a692b4406219ffed91ffb448d3d2a800dc1f
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-