General
-
Target
JaffaCakes118_4bb816d1a1d6f2a305f8e9e05fb1077688d58bb361180cab00c45b348f0545c0
-
Size
161KB
-
Sample
241230-1pljzazpgn
-
MD5
fce22360d8cc43a61dea06db5aa30fbd
-
SHA1
c6c2d6f2cb6ba1a14e4186a5629863557eba2d88
-
SHA256
4bb816d1a1d6f2a305f8e9e05fb1077688d58bb361180cab00c45b348f0545c0
-
SHA512
8fb78d70dc6504835909fe9a035edd869649c8d395ffafc27a5ecbecc94876f304aba2a7eb47bd42a9edb839508698bcf181d1c9c927b932f07043627f4a9d0a
-
SSDEEP
3072:elpmktgw9IAMlZxSGg7ypZIQ404g51acpg0xZtCVxwVeXm7YP1cOPpiihEY:elo0gw4ZMypZp45g51aXotOxwVeXm7Ym
Malware Config
Extracted
dridex
40111
107.172.227.10:443
172.93.133.123:2303
108.168.61.147:8172
Targets
-
-
Target
JaffaCakes118_4bb816d1a1d6f2a305f8e9e05fb1077688d58bb361180cab00c45b348f0545c0
-
Size
161KB
-
MD5
fce22360d8cc43a61dea06db5aa30fbd
-
SHA1
c6c2d6f2cb6ba1a14e4186a5629863557eba2d88
-
SHA256
4bb816d1a1d6f2a305f8e9e05fb1077688d58bb361180cab00c45b348f0545c0
-
SHA512
8fb78d70dc6504835909fe9a035edd869649c8d395ffafc27a5ecbecc94876f304aba2a7eb47bd42a9edb839508698bcf181d1c9c927b932f07043627f4a9d0a
-
SSDEEP
3072:elpmktgw9IAMlZxSGg7ypZIQ404g51acpg0xZtCVxwVeXm7YP1cOPpiihEY:elo0gw4ZMypZp45g51aXotOxwVeXm7Ym
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Checks whether UAC is enabled
-