General
-
Target
b4098ae522a1deea7ff1d1c88945472f
-
Size
1.1MB
-
Sample
240305-heqrtsgg6z
-
MD5
b4098ae522a1deea7ff1d1c88945472f
-
SHA1
6fbec1b2a47aec7ef7d7e3f9c2c79e5069499d57
-
SHA256
393ef50d8860647ad7a30ecf912266a51e3104948e6d93060e03ee48d5a31232
-
SHA512
56e13001f5ea6c205f493769e79984390845c703103c8106f829f34e16bc17f98e39129ae02c8a82fc5ababea940070aef02fa3d04e64b285ca20d9f3f39bea4
-
SSDEEP
6144:GK6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRufc:GM+ZdkmHubeaCo6Lga1QHZbOu
Malware Config
Extracted
dridex
10111
177.52.173.20:9043
192.100.170.1:10172
166.62.103.55:7443
Targets
-
-
Target
b4098ae522a1deea7ff1d1c88945472f
-
Size
1.1MB
-
MD5
b4098ae522a1deea7ff1d1c88945472f
-
SHA1
6fbec1b2a47aec7ef7d7e3f9c2c79e5069499d57
-
SHA256
393ef50d8860647ad7a30ecf912266a51e3104948e6d93060e03ee48d5a31232
-
SHA512
56e13001f5ea6c205f493769e79984390845c703103c8106f829f34e16bc17f98e39129ae02c8a82fc5ababea940070aef02fa3d04e64b285ca20d9f3f39bea4
-
SSDEEP
6144:GK6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRufc:GM+ZdkmHubeaCo6Lga1QHZbOu
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-