General
-
Target
78c0595297a8ec52bdeca6c43038f1686863a6875382a2a582300c2e735834e3
-
Size
188KB
-
Sample
210303-n1knh5mhdj
-
MD5
bffbf94a52464c74ed0ff11553a65f94
-
SHA1
7be37168fc7b965c01aeca2cb811ae3c3d80fd1d
-
SHA256
78c0595297a8ec52bdeca6c43038f1686863a6875382a2a582300c2e735834e3
-
SHA512
82645c34c9008cbd02f405c2270c72440780325d9af1b859c963193bc557abcc530d7c53c964788100d735241981a9a92fc7372499f4e9bf938b5734464b7810
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
78c0595297a8ec52bdeca6c43038f1686863a6875382a2a582300c2e735834e3
-
Size
188KB
-
MD5
bffbf94a52464c74ed0ff11553a65f94
-
SHA1
7be37168fc7b965c01aeca2cb811ae3c3d80fd1d
-
SHA256
78c0595297a8ec52bdeca6c43038f1686863a6875382a2a582300c2e735834e3
-
SHA512
82645c34c9008cbd02f405c2270c72440780325d9af1b859c963193bc557abcc530d7c53c964788100d735241981a9a92fc7372499f4e9bf938b5734464b7810
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-