General
-
Target
6ac95779dc09b848d9c5bcc13cc2a00f
-
Size
750KB
-
Sample
211027-t2yxhafff5
-
MD5
6ac95779dc09b848d9c5bcc13cc2a00f
-
SHA1
95f43ca4043d812aa7e50e3c6a88a2fcb76f07e1
-
SHA256
ae458812cc8e0d27439d6d06df8648e653d015669486e547394e339219a686e2
-
SHA512
b0da49cfc69708660251456aa4d7da57c86cb6b3b7536d8cd12d4ffccd40fc7288e0ef116b7fbd5f2fe16ce09cee156a116bff6b9fe1a89ce56537f9bd3519d1
Malware Config
Extracted
dridex
10555
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
-
-
Target
6ac95779dc09b848d9c5bcc13cc2a00f
-
Size
750KB
-
MD5
6ac95779dc09b848d9c5bcc13cc2a00f
-
SHA1
95f43ca4043d812aa7e50e3c6a88a2fcb76f07e1
-
SHA256
ae458812cc8e0d27439d6d06df8648e653d015669486e547394e339219a686e2
-
SHA512
b0da49cfc69708660251456aa4d7da57c86cb6b3b7536d8cd12d4ffccd40fc7288e0ef116b7fbd5f2fe16ce09cee156a116bff6b9fe1a89ce56537f9bd3519d1
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-