General
-
Target
37834799917c2658efb6893352bd91be78ae45e423ab8772f8c992aeb746308f
-
Size
796KB
-
Sample
210930-n5sl1ahfbk
-
MD5
3fe472b703890c0f9eddef17c08fa593
-
SHA1
f640cc54f2ff6b5c0dcedf56043cbe0193903f88
-
SHA256
37834799917c2658efb6893352bd91be78ae45e423ab8772f8c992aeb746308f
-
SHA512
7f215a32ab658fd90daf0d9b31cb4fe0e5a861444725d0466787a671124e192cac995aedafb32266f7ad0edb508e0507bb25432a699a6789a1d517f0c1b18505
Malware Config
Targets
-
-
Target
37834799917c2658efb6893352bd91be78ae45e423ab8772f8c992aeb746308f
-
Size
796KB
-
MD5
3fe472b703890c0f9eddef17c08fa593
-
SHA1
f640cc54f2ff6b5c0dcedf56043cbe0193903f88
-
SHA256
37834799917c2658efb6893352bd91be78ae45e423ab8772f8c992aeb746308f
-
SHA512
7f215a32ab658fd90daf0d9b31cb4fe0e5a861444725d0466787a671124e192cac995aedafb32266f7ad0edb508e0507bb25432a699a6789a1d517f0c1b18505
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-