General
-
Target
424a877b0d323565a51b934d47fba2d5_JaffaCakes118
-
Size
168KB
-
Sample
240713-sz7aesydpd
-
MD5
424a877b0d323565a51b934d47fba2d5
-
SHA1
b2f3471012475ea358ccb26730445e3940886c1c
-
SHA256
ee341d5853e21ce08a4d4188b9c8e0cda36af402fa0692eb98bc92b17abf492e
-
SHA512
dc73edd18dc8901fdc8a48129477d04d407387fab745101f0e96d4abbc9c8723f8a6709ef2949a4b0f3e5945c5475dce49c82c84fb448d8a479be47df5fbf919
-
SSDEEP
3072:c+rGFFRCMcyzAAykMPqIaXpZYnvf3gx4wblxLSoIm/H2QKGB2gC:c+rGFFlXAAcqj8nHgfOoIdG
Malware Config
Extracted
dridex
111
173.203.78.138:443
217.160.107.189:6601
77.220.64.150:5037
Targets
-
-
Target
424a877b0d323565a51b934d47fba2d5_JaffaCakes118
-
Size
168KB
-
MD5
424a877b0d323565a51b934d47fba2d5
-
SHA1
b2f3471012475ea358ccb26730445e3940886c1c
-
SHA256
ee341d5853e21ce08a4d4188b9c8e0cda36af402fa0692eb98bc92b17abf492e
-
SHA512
dc73edd18dc8901fdc8a48129477d04d407387fab745101f0e96d4abbc9c8723f8a6709ef2949a4b0f3e5945c5475dce49c82c84fb448d8a479be47df5fbf919
-
SSDEEP
3072:c+rGFFRCMcyzAAykMPqIaXpZYnvf3gx4wblxLSoIm/H2QKGB2gC:c+rGFFlXAAcqj8nHgfOoIdG
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-