General
-
Target
c94b6b54bd54c295b098170fb520c4cc
-
Size
1.1MB
-
Sample
240314-wz7sqsbd2s
-
MD5
c94b6b54bd54c295b098170fb520c4cc
-
SHA1
1aa2f518947929a3958320c4489bfbacd50428f0
-
SHA256
1c96c1a9b3ba901d0de9a796aee19a45ff8d0af65a023cb2aed32db80ab2a580
-
SHA512
3b633ead3e28361a5dea55dfa33104c648ea4894fcc0a53253fc97129d1de11e2fc3c2b332dff2777f3c8e46bd5217225248d5c6d1332135008dbe3f74058598
-
SSDEEP
6144:5K6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRnfc:5M+ZdkmHubeaCo6Lga1QHZbOn
Malware Config
Extracted
dridex
10111
177.52.173.20:9043
192.100.170.1:10172
166.62.103.55:7443
Targets
-
-
Target
c94b6b54bd54c295b098170fb520c4cc
-
Size
1.1MB
-
MD5
c94b6b54bd54c295b098170fb520c4cc
-
SHA1
1aa2f518947929a3958320c4489bfbacd50428f0
-
SHA256
1c96c1a9b3ba901d0de9a796aee19a45ff8d0af65a023cb2aed32db80ab2a580
-
SHA512
3b633ead3e28361a5dea55dfa33104c648ea4894fcc0a53253fc97129d1de11e2fc3c2b332dff2777f3c8e46bd5217225248d5c6d1332135008dbe3f74058598
-
SSDEEP
6144:5K6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yT1+ga1td0HZOUlcRnfc:5M+ZdkmHubeaCo6Lga1QHZbOn
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-