General
-
Target
12585957464def05f4a9967c25b644380c5b9e05204b150f41228c6611b0c6dc
-
Size
836KB
-
Sample
210930-nc6cdshdc9
-
MD5
94fd6e52c64e3ee433ff8ced80dfbd7a
-
SHA1
4016669ea397566abffeb6a08fcc5f7729eb00ce
-
SHA256
12585957464def05f4a9967c25b644380c5b9e05204b150f41228c6611b0c6dc
-
SHA512
a8105912545cfdd610b6c960aec60ea364ff066b88c1435bd1670184fb9e3a69f0502415cf9f7f6a2a56c09193358f233776bbf46cc3ef7d084020afc092bf46
Malware Config
Targets
-
-
Target
12585957464def05f4a9967c25b644380c5b9e05204b150f41228c6611b0c6dc
-
Size
836KB
-
MD5
94fd6e52c64e3ee433ff8ced80dfbd7a
-
SHA1
4016669ea397566abffeb6a08fcc5f7729eb00ce
-
SHA256
12585957464def05f4a9967c25b644380c5b9e05204b150f41228c6611b0c6dc
-
SHA512
a8105912545cfdd610b6c960aec60ea364ff066b88c1435bd1670184fb9e3a69f0502415cf9f7f6a2a56c09193358f233776bbf46cc3ef7d084020afc092bf46
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-