Description
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
General
Target
Size
Sample
93394d6e_by_Libranalysis
588KB
210510-ncy7w9kqte
Score
10/10
MD5
SHA1
SHA256
SHA512
93394d6e0ea894922267955095fabbc9
38ac582b64fb09f212aceddf5e3cc13946c69985
7f0f199833687549249b22ec50bbcb234d2ad2b8da993a6cbc86db8a53236530
aceecbcccd6fe48586d695b0ef04d7d0b998069dbb6545dc9ca96045f896281663027cf048ce2d0f27d0e2990f03c1f592322bfa9bc9776f153d07c6993cc8e7
Malware Config
Targets
Target
MD5
Filesize
93394d6e_by_Libranalysis
93394d6e0ea894922267955095fabbc9
588KB
Score
10/10
SHA1
SHA256
SHA512
38ac582b64fb09f212aceddf5e3cc13946c69985
7f0f199833687549249b22ec50bbcb234d2ad2b8da993a6cbc86db8a53236530
aceecbcccd6fe48586d695b0ef04d7d0b998069dbb6545dc9ca96045f896281663027cf048ce2d0f27d0e2990f03c1f592322bfa9bc9776f153d07c6993cc8e7
Tags
Signatures
-
Dridex
-
Dridex Payload
Description
Detects Dridex x64 core DLL in memory.
Tags
-
Dridex Shellcode
Description
Detects Dridex Payload shellcode injected in Explorer process.
Tags
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
Tags
TTPs
-
Checks whether UAC is enabled
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks
static1
Score
N/A
behavioral1
Score
10/10
behavioral2
Score
10/10