2c1cbd4e7a27c47468c2e806e5559c3680f1cd6497c33a65c0a565fe8bab1add

General
Target

2c1cbd4e7a27c47468c2e806e5559c3680f1cd6497c33a65c0a565fe8bab1add

Size

2MB

Sample

210928-kpwf6sbcer

Score
10 /10
MD5

24628d042b24ccca20dfc18374ee15c1

SHA1

0deb91aa0e4c63080d71db61bfed0c7a5fb967ca

SHA256

2c1cbd4e7a27c47468c2e806e5559c3680f1cd6497c33a65c0a565fe8bab1add

SHA512

dd3c8457810dc1f17d1ea38be7d8884a89fd668a1b8b3d3d41f221e3997ef434e23a716433e7b214503e10649dba4830a1bf648c5a8dd23ff494d49a6d10aa23

Malware Config
Targets
Target

2c1cbd4e7a27c47468c2e806e5559c3680f1cd6497c33a65c0a565fe8bab1add

MD5

24628d042b24ccca20dfc18374ee15c1

Filesize

2MB

Score
10 /10
SHA1

0deb91aa0e4c63080d71db61bfed0c7a5fb967ca

SHA256

2c1cbd4e7a27c47468c2e806e5559c3680f1cd6497c33a65c0a565fe8bab1add

SHA512

dd3c8457810dc1f17d1ea38be7d8884a89fd668a1b8b3d3d41f221e3997ef434e23a716433e7b214503e10649dba4830a1bf648c5a8dd23ff494d49a6d10aa23

Tags

Signatures

  • Dridex

    Description

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    Tags

  • Dridex Shellcode

    Description

    Detects Dridex Payload shellcode injected in Explorer process.

    Tags

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup Folder Modify Registry
  • Checks whether UAC is enabled

    Tags

    TTPs

    System Information Discovery

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation