General
-
Target
ada0130e1c01776fcac12061f2325e2dd9fcb599aa557c869a522705b65b7bc0
-
Size
1.0MB
-
Sample
210930-lnrl9shah8
-
MD5
cdedd3e360fd2cf78fb3d9d1a8b4cce6
-
SHA1
7ef33ae9cd2a8ebea9729125021ef824974b43f2
-
SHA256
ada0130e1c01776fcac12061f2325e2dd9fcb599aa557c869a522705b65b7bc0
-
SHA512
2464b54668afe2efb2d42b32d1f29445c2135eb193352acf595b94b89404cc7c36e136c296af27c5e80adcdc1b1a6db7609e342d5b554cc783b2530b4bfe0e3c
Malware Config
Targets
-
-
Target
ada0130e1c01776fcac12061f2325e2dd9fcb599aa557c869a522705b65b7bc0
-
Size
1.0MB
-
MD5
cdedd3e360fd2cf78fb3d9d1a8b4cce6
-
SHA1
7ef33ae9cd2a8ebea9729125021ef824974b43f2
-
SHA256
ada0130e1c01776fcac12061f2325e2dd9fcb599aa557c869a522705b65b7bc0
-
SHA512
2464b54668afe2efb2d42b32d1f29445c2135eb193352acf595b94b89404cc7c36e136c296af27c5e80adcdc1b1a6db7609e342d5b554cc783b2530b4bfe0e3c
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-