General
-
Target
36a6c2320d82f5e3b748ca1d78a7619096b98614f091905d4ee0d61a681f0de6
-
Size
960KB
-
Sample
210930-lnrx2ahcap
-
MD5
d4c1195884138b8e94f06d5c33c96fab
-
SHA1
8251fd6cd2903e1b75a125d358180886c09a5ca6
-
SHA256
36a6c2320d82f5e3b748ca1d78a7619096b98614f091905d4ee0d61a681f0de6
-
SHA512
1ceb0c423befee373275fe00282e3cb8175c9e9ca0c8fd28d21cb743182c4965acd9f5fdbe203d4c77db7cdf93011544cc7db7a4283c589e9d93484964ceadc6
Malware Config
Targets
-
-
Target
36a6c2320d82f5e3b748ca1d78a7619096b98614f091905d4ee0d61a681f0de6
-
Size
960KB
-
MD5
d4c1195884138b8e94f06d5c33c96fab
-
SHA1
8251fd6cd2903e1b75a125d358180886c09a5ca6
-
SHA256
36a6c2320d82f5e3b748ca1d78a7619096b98614f091905d4ee0d61a681f0de6
-
SHA512
1ceb0c423befee373275fe00282e3cb8175c9e9ca0c8fd28d21cb743182c4965acd9f5fdbe203d4c77db7cdf93011544cc7db7a4283c589e9d93484964ceadc6
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-