General
-
Target
ae77c3384ecba227bcc15f0eaad462fa_JaffaCakes118
-
Size
731KB
-
Sample
241129-dg4dgswrhr
-
MD5
ae77c3384ecba227bcc15f0eaad462fa
-
SHA1
456c447a4fd116ad6a15a4a1b62e74f04d0f250c
-
SHA256
001247b4327d46a4c4aa6be3c8169816f84af4f434af8a8af4222e8ecd5733e5
-
SHA512
7485f75d8b941dc2104f3c29d65340b09253017e872a18c3b28eaebcbeb4a5a65b44501c00c9635151cfa47e8fa6897eef5fa66e40364e9382f173ce2190329b
-
SSDEEP
12288:VM+ZdkmHubeaCo6zAO0s2A/sUQBJ8l4SVacsb0z:VMcpTo6zhL0BOlnkc1
Malware Config
Extracted
dridex
10111
172.104.58.76:6225
204.174.223.210:9043
51.91.105.97:8443
Targets
-
-
Target
ae77c3384ecba227bcc15f0eaad462fa_JaffaCakes118
-
Size
731KB
-
MD5
ae77c3384ecba227bcc15f0eaad462fa
-
SHA1
456c447a4fd116ad6a15a4a1b62e74f04d0f250c
-
SHA256
001247b4327d46a4c4aa6be3c8169816f84af4f434af8a8af4222e8ecd5733e5
-
SHA512
7485f75d8b941dc2104f3c29d65340b09253017e872a18c3b28eaebcbeb4a5a65b44501c00c9635151cfa47e8fa6897eef5fa66e40364e9382f173ce2190329b
-
SSDEEP
12288:VM+ZdkmHubeaCo6zAO0s2A/sUQBJ8l4SVacsb0z:VMcpTo6zhL0BOlnkc1
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-