General
-
Target
b26ae66077f01710ea3a0b3ff937586c8f538c6905a906cd2a86c53c4e97685a
-
Size
1.0MB
-
Sample
210930-lm7xvshcak
-
MD5
2906b170ae969e1757fc340a79b5e6b4
-
SHA1
67cd0c51aa0bf7d6e0ef4dfd9a6eb9d854cb4f73
-
SHA256
b26ae66077f01710ea3a0b3ff937586c8f538c6905a906cd2a86c53c4e97685a
-
SHA512
b222a88431a021c258154dd240a7648b1751748159f5b7faa882b73cbc5b6c10eaa35f4397e6f569b178862bf4c10dae54b6103bf057f829439379dc9e90cd31
Malware Config
Targets
-
-
Target
b26ae66077f01710ea3a0b3ff937586c8f538c6905a906cd2a86c53c4e97685a
-
Size
1.0MB
-
MD5
2906b170ae969e1757fc340a79b5e6b4
-
SHA1
67cd0c51aa0bf7d6e0ef4dfd9a6eb9d854cb4f73
-
SHA256
b26ae66077f01710ea3a0b3ff937586c8f538c6905a906cd2a86c53c4e97685a
-
SHA512
b222a88431a021c258154dd240a7648b1751748159f5b7faa882b73cbc5b6c10eaa35f4397e6f569b178862bf4c10dae54b6103bf057f829439379dc9e90cd31
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-