General
-
Target
110c56dfcb0434891c760de2555c155ca3a0e437bcb1d7c5e1b7ed48af5b4c2d
-
Size
1.1MB
-
Sample
210930-layteshbhj
-
MD5
a6b8b41abea9759c636c195fb26d6baa
-
SHA1
d3238d3f93e81b96bcdef4598a67e848748b31f5
-
SHA256
110c56dfcb0434891c760de2555c155ca3a0e437bcb1d7c5e1b7ed48af5b4c2d
-
SHA512
9a3b7ff47f68903450090b02904124141ffd0000d5379dc643208474c7d3afcd442ba2503d16eaea50f33ce5b0a1f504f8b7cbf15df2fe87873659df00bdb9f8
Malware Config
Targets
-
-
Target
110c56dfcb0434891c760de2555c155ca3a0e437bcb1d7c5e1b7ed48af5b4c2d
-
Size
1.1MB
-
MD5
a6b8b41abea9759c636c195fb26d6baa
-
SHA1
d3238d3f93e81b96bcdef4598a67e848748b31f5
-
SHA256
110c56dfcb0434891c760de2555c155ca3a0e437bcb1d7c5e1b7ed48af5b4c2d
-
SHA512
9a3b7ff47f68903450090b02904124141ffd0000d5379dc643208474c7d3afcd442ba2503d16eaea50f33ce5b0a1f504f8b7cbf15df2fe87873659df00bdb9f8
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-