General
-
Target
79cf406b9f5ac1de73d8007b1067c17a3d5278d66d3e6661c3d063855445a882
-
Size
832KB
-
Sample
210930-nc6cdshecq
-
MD5
1fb0895c663550136834c57d9ec7a69e
-
SHA1
77b3f79fbc2b8aa138b8514b840cfa3784ea2218
-
SHA256
79cf406b9f5ac1de73d8007b1067c17a3d5278d66d3e6661c3d063855445a882
-
SHA512
9dda1dad0ef4535fba3ecc9ecfa32c40d8ea4159b62d170f2405e4beb9a5ddb3c548a365f0527340e07053f586eabbacd16b0a4697552dfedfa16050e6096d7c
Malware Config
Targets
-
-
Target
79cf406b9f5ac1de73d8007b1067c17a3d5278d66d3e6661c3d063855445a882
-
Size
832KB
-
MD5
1fb0895c663550136834c57d9ec7a69e
-
SHA1
77b3f79fbc2b8aa138b8514b840cfa3784ea2218
-
SHA256
79cf406b9f5ac1de73d8007b1067c17a3d5278d66d3e6661c3d063855445a882
-
SHA512
9dda1dad0ef4535fba3ecc9ecfa32c40d8ea4159b62d170f2405e4beb9a5ddb3c548a365f0527340e07053f586eabbacd16b0a4697552dfedfa16050e6096d7c
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-