General
-
Target
u5nmsr.zip
-
Size
717KB
-
Sample
230630-p3ta7adf9y
-
MD5
59d4c719403b793876d65395f5a2d0bd
-
SHA1
0b224d9b94af60a8fec79416d4b1bcab8cf9308c
-
SHA256
b6cf019dca618ebc676b84c40846e0a9a2050689b35845af2f12a93442fb25e8
-
SHA512
d395272ad4169d8de1f660b239d3dfc9937abb29aec05ba7527c5307cf90825058f3107e85acf8f5f4afe3b64c24e226edca3f84c678043469674292ade3f8b5
-
SSDEEP
12288:sSYs0Ljpezsf/Lrxn9AiQwvM8hZDgh6cVBsepVEsY7/ICmco0ADXEw1sZ:zYrszsHxfjv7Dg1Dc7/IxEw1s
Malware Config
Extracted
dridex
10444
97.107.127.161:443
45.33.94.33:5037
159.89.91.92:5037
158.69.118.130:1443
Targets
-
-
Target
u5nmsr.zip
-
Size
717KB
-
MD5
59d4c719403b793876d65395f5a2d0bd
-
SHA1
0b224d9b94af60a8fec79416d4b1bcab8cf9308c
-
SHA256
b6cf019dca618ebc676b84c40846e0a9a2050689b35845af2f12a93442fb25e8
-
SHA512
d395272ad4169d8de1f660b239d3dfc9937abb29aec05ba7527c5307cf90825058f3107e85acf8f5f4afe3b64c24e226edca3f84c678043469674292ade3f8b5
-
SSDEEP
12288:sSYs0Ljpezsf/Lrxn9AiQwvM8hZDgh6cVBsepVEsY7/ICmco0ADXEw1sZ:zYrszsHxfjv7Dg1Dc7/IxEw1s
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-