General
-
Target
35c66addab955c68db3d9eb5d2d983a8
-
Size
1.1MB
-
Sample
231225-xhldvagff4
-
MD5
35c66addab955c68db3d9eb5d2d983a8
-
SHA1
6a0dff5c2c67098e2f768b92cb04d00cc72683ed
-
SHA256
5a557da8473fb0617ae93cc432fab5cf32a8c054280222ea63a8676d294f6a24
-
SHA512
e238d7b5c0b73d6b8b2d023a8104f7b297911e9b9d459faa127400a77148305356f18578a7ecb8f374761b7380dde91cd09f4abf97e4d68fbcf28072bc3e7edf
-
SSDEEP
6144:6K6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcROfc:6M+ZdkmHubeaCo6Lga1QHZbOO
Malware Config
Extracted
dridex
10111
177.52.173.20:9043
192.100.170.1:10172
166.62.103.55:7443
Targets
-
-
Target
35c66addab955c68db3d9eb5d2d983a8
-
Size
1.1MB
-
MD5
35c66addab955c68db3d9eb5d2d983a8
-
SHA1
6a0dff5c2c67098e2f768b92cb04d00cc72683ed
-
SHA256
5a557da8473fb0617ae93cc432fab5cf32a8c054280222ea63a8676d294f6a24
-
SHA512
e238d7b5c0b73d6b8b2d023a8104f7b297911e9b9d459faa127400a77148305356f18578a7ecb8f374761b7380dde91cd09f4abf97e4d68fbcf28072bc3e7edf
-
SSDEEP
6144:6K6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcROfc:6M+ZdkmHubeaCo6Lga1QHZbOO
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-