General
-
Target
3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52eN.exe
-
Size
671KB
-
Sample
250224-j1fdnatjy4
-
MD5
8668a57c51d2cbd4489dc1ed14d213b0
-
SHA1
6b298e013db31bf2cc10992f4b49177f19c5f4af
-
SHA256
3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52e
-
SHA512
fbe9b69d110d923589068ee54f4a94d9e40cbce2ab6ff36482c19f59c0ac0f7cde11f28f5b171d6331ad7c02bd18971db1af1541fdd4cc85dd92013fef98c6a8
-
SSDEEP
12288:UYdfTGnYdfTGtsgqZXoYXMHGy1HxHFvja1E+YzVQ7aQEwhD94i:UYdbyYdb6u3XMHGy1JFvuYzPSei
Malware Config
Extracted
dridex
10111
5.9.178.143:443
37.139.2.140:3889
49.212.179.180:3889
69.64.62.4:4443
Targets
-
-
Target
3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52eN.exe
-
Size
671KB
-
MD5
8668a57c51d2cbd4489dc1ed14d213b0
-
SHA1
6b298e013db31bf2cc10992f4b49177f19c5f4af
-
SHA256
3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52e
-
SHA512
fbe9b69d110d923589068ee54f4a94d9e40cbce2ab6ff36482c19f59c0ac0f7cde11f28f5b171d6331ad7c02bd18971db1af1541fdd4cc85dd92013fef98c6a8
-
SSDEEP
12288:UYdfTGnYdfTGtsgqZXoYXMHGy1HxHFvja1E+YzVQ7aQEwhD94i:UYdbyYdb6u3XMHGy1JFvuYzPSei
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-