General
-
Target
j99zauz.jpg
-
Size
608KB
-
Sample
211022-x3vs1sdaak
-
MD5
857a3e7b09b2a270dd0b56aa43bc5fb2
-
SHA1
ef3316d9ed6ca70835061f4b3549fe8923629f5c
-
SHA256
6f8610fc635355d0fb40184e38102c5ce90b18a0074ec60a64e7fda68f62cee8
-
SHA512
c12cdaac12438408727d8224d81a313cce1178fdef206f80da03f41bd10bb8dbb54ecabd983d97d422ead95706b0d717696cd2dda6b900d0c7ecfa8a9db62c6d
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
j99zauz.jpg
-
Size
608KB
-
MD5
857a3e7b09b2a270dd0b56aa43bc5fb2
-
SHA1
ef3316d9ed6ca70835061f4b3549fe8923629f5c
-
SHA256
6f8610fc635355d0fb40184e38102c5ce90b18a0074ec60a64e7fda68f62cee8
-
SHA512
c12cdaac12438408727d8224d81a313cce1178fdef206f80da03f41bd10bb8dbb54ecabd983d97d422ead95706b0d717696cd2dda6b900d0c7ecfa8a9db62c6d
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-