General
-
Target
807f12238d1ff9667c31f44178796a63ce759c4ca78cd472f9975d0c753aebaf
-
Size
836KB
-
Sample
210929-jmjtxsecdr
-
MD5
f3a936183d790d82ae77402dbad857a2
-
SHA1
c569987ea8787f4edd108218052fcc7b9d79d38d
-
SHA256
807f12238d1ff9667c31f44178796a63ce759c4ca78cd472f9975d0c753aebaf
-
SHA512
7ba1542786cded740fbd1bf6f1ebe9a06083f7a36aa1468b7de61ccb712e3c186fa6d367efbba1ac24e0c33d551871c73a7d66ca36ffd30a666ce6e6a2b46197
Malware Config
Targets
-
-
Target
807f12238d1ff9667c31f44178796a63ce759c4ca78cd472f9975d0c753aebaf
-
Size
836KB
-
MD5
f3a936183d790d82ae77402dbad857a2
-
SHA1
c569987ea8787f4edd108218052fcc7b9d79d38d
-
SHA256
807f12238d1ff9667c31f44178796a63ce759c4ca78cd472f9975d0c753aebaf
-
SHA512
7ba1542786cded740fbd1bf6f1ebe9a06083f7a36aa1468b7de61ccb712e3c186fa6d367efbba1ac24e0c33d551871c73a7d66ca36ffd30a666ce6e6a2b46197
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-