General
-
Target
5f35c99792dab2db7ebbe20eebb2a925b6a0737cea7811fec7c8ba25f7586ff7
-
Size
639KB
-
Sample
210419-yvyeaepbvj
-
MD5
5c549ac8c24080c6859893789c2153bf
-
SHA1
d7bd18d8d228dcf7e7993951ca1f712abf17fab2
-
SHA256
5f35c99792dab2db7ebbe20eebb2a925b6a0737cea7811fec7c8ba25f7586ff7
-
SHA512
e999785494e64058a3fb22fe0e741b005121ce2c868d68eb6ede13da391461f69874ce6b5fc93a103e6f0a7b7386cd06998696166da1d555891b1e7e1d371701
Malware Config
Extracted
dridex
10444
146.185.170.249:443
62.75.251.60:6601
185.148.168.25:2303
Targets
-
-
Target
5f35c99792dab2db7ebbe20eebb2a925b6a0737cea7811fec7c8ba25f7586ff7
-
Size
639KB
-
MD5
5c549ac8c24080c6859893789c2153bf
-
SHA1
d7bd18d8d228dcf7e7993951ca1f712abf17fab2
-
SHA256
5f35c99792dab2db7ebbe20eebb2a925b6a0737cea7811fec7c8ba25f7586ff7
-
SHA512
e999785494e64058a3fb22fe0e741b005121ce2c868d68eb6ede13da391461f69874ce6b5fc93a103e6f0a7b7386cd06998696166da1d555891b1e7e1d371701
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-