General
-
Target
Document#578743906539.zip
-
Size
344KB
-
Sample
210319-zqkthetyla
-
MD5
1c0842a902658d5522509e669277c419
-
SHA1
4e4853387b6ab7119bbaa469e0ea7e21026fd0b1
-
SHA256
935dd5f6759b2409a7140432b11595b7585b985836a14637aa3bd208f4f82b32
-
SHA512
e09759706948214ffa03830ce2cdf527531200022027607746037b2cda547e6273af6be662265392c3717878e0d547f8bd67cf1e181221f34b9f801b24bb5477
Malware Config
Extracted
dridex
10555
38.88.126.131:443
145.239.169.32:8443
163.172.7.152:443
45.79.135.98:691
Targets
-
-
Target
Document#578743906539.vbs
-
Size
980KB
-
MD5
27588243419b10040ea332eed512e18a
-
SHA1
c26304277f80fdf95db29aa700a01d650c5f2ed3
-
SHA256
76d804d87108c6997469997da29236b271519362fe9f7e518a25a102835a7e06
-
SHA512
3f947d749bc42851cc79e81ca568e5e2ea996c5fc30c24958584f80305fdb72eae5f1f050a347d08758b79f6a9717439bc75c69e64ed198609c713dd1f392412
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Loads dropped DLL
-