Extracted

• • Target

    ecde835ba7193d93f5116151a64ae4a47f21b5e6a5bff2f5ae9967ef907ed6cb

  • Size

    162KB

  • MD5

    3198aa867e74a913749ffdf4e11aee10

  • SHA1

    d130367213644ea574a7ad7b0d543e1e5fb5c35a

  • SHA256

    ecde835ba7193d93f5116151a64ae4a47f21b5e6a5bff2f5ae9967ef907ed6cb

  • SHA512

    055af6f200ad45e5c11fa84c8d639134076381e414d8ef29ec6ea34b042079a7394c849692687f88d55f43f27d78bfbcbcd885f756b9e8b3966385551506a386

  Score

  10^/10

  badrabbitdridex40112botnetevasionloaderransomwaretrojan

  • BadRabbit

    Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.

    ransomwarebadrabbit

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex Loader

    Detects Dridex both x86 and x64 loader in memory.

    botnetloader

  • Executes dropped EXE

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1