General
-
Target
7cd157bb4a288f2f1eda8f3b1e8a6a2612817c19172edd04939624536fee7cf5
-
Size
832KB
-
Sample
210930-nc6cdshdd3
-
MD5
a9bda392687bb9bd727edba0b29ee257
-
SHA1
a0130161d06f6868489dbeb9ac91f60df66fc3fd
-
SHA256
7cd157bb4a288f2f1eda8f3b1e8a6a2612817c19172edd04939624536fee7cf5
-
SHA512
dc983090e314705b0d94a5a57b2b67de18f027d203adb904577edfde6ccf3b01a23ffc6caf9eab620bef8efdc956c58d3ed6980a4487ece0cc24dce6f2f15539
Malware Config
Targets
-
-
Target
7cd157bb4a288f2f1eda8f3b1e8a6a2612817c19172edd04939624536fee7cf5
-
Size
832KB
-
MD5
a9bda392687bb9bd727edba0b29ee257
-
SHA1
a0130161d06f6868489dbeb9ac91f60df66fc3fd
-
SHA256
7cd157bb4a288f2f1eda8f3b1e8a6a2612817c19172edd04939624536fee7cf5
-
SHA512
dc983090e314705b0d94a5a57b2b67de18f027d203adb904577edfde6ccf3b01a23ffc6caf9eab620bef8efdc956c58d3ed6980a4487ece0cc24dce6f2f15539
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-