General

  • Target

    15d1252024d046b76737f80017b31b5e

  • Size

    371KB

  • Sample

    210721-e8hxrqr3ta

  • MD5

    15d1252024d046b76737f80017b31b5e

  • SHA1

    9d61edbf4819eb9ee8e6de03120ee06e1a8b592e

  • SHA256

    4a8c152ef7c7e3ced93e8629691f6f66bb67f78c4e17caf0198db18300b19acf

  • SHA512

    8f2819cfe537ba891ddc49d3eca12d2cb80c20a270e307822e5e79e2c1c246ad3a1099a1720d2ea9a3f0d6ab630e8bafd93a746f2267b888e3e61c9ee3289179

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

178.238.236.59:443

104.245.52.73:5007

81.0.236.93:13786

rc4.plain
rc4.plain

Targets

    • Target

      15d1252024d046b76737f80017b31b5e

    • Size

      371KB

    • MD5

      15d1252024d046b76737f80017b31b5e

    • SHA1

      9d61edbf4819eb9ee8e6de03120ee06e1a8b592e

    • SHA256

      4a8c152ef7c7e3ced93e8629691f6f66bb67f78c4e17caf0198db18300b19acf

    • SHA512

      8f2819cfe537ba891ddc49d3eca12d2cb80c20a270e307822e5e79e2c1c246ad3a1099a1720d2ea9a3f0d6ab630e8bafd93a746f2267b888e3e61c9ee3289179

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks