General
-
Target
e64v7wm.jpg.malware
-
Size
664KB
-
Sample
240506-v13pqsbf6y
-
MD5
5fe7063f0ff776925933f7eacb7c6548
-
SHA1
73be6bb3a402c2d0af577e70309e38e0a96989e5
-
SHA256
50deeef45a40410096418b06a0a33ada0d821a3af6ddf6abb13df2b2e27ea177
-
SHA512
c7c41aa0a17a23b0ca4a3b261c36f72bb033940dd6e37210c8403f322d4388dd1418d7e8f9a9499380ffb658a3479f58dada7192ad3074885226858c99edd546
-
SSDEEP
12288:Z/0Qzqf0eei48vM+6TFKywVt6PbEYU0eyJTT/Mu9oV01u3oaEP:J0zheAn6TFKywvCbEOxDMu9oyZaEP
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
e64v7wm.jpg.malware
-
Size
664KB
-
MD5
5fe7063f0ff776925933f7eacb7c6548
-
SHA1
73be6bb3a402c2d0af577e70309e38e0a96989e5
-
SHA256
50deeef45a40410096418b06a0a33ada0d821a3af6ddf6abb13df2b2e27ea177
-
SHA512
c7c41aa0a17a23b0ca4a3b261c36f72bb033940dd6e37210c8403f322d4388dd1418d7e8f9a9499380ffb658a3479f58dada7192ad3074885226858c99edd546
-
SSDEEP
12288:Z/0Qzqf0eei48vM+6TFKywVt6PbEYU0eyJTT/Mu9oV01u3oaEP:J0zheAn6TFKywvCbEOxDMu9oyZaEP
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-