General
-
Target
1dffc9bad0cbd700a8c19eab05cb70de461c2378b1c2dbdc66c6e082b54c107c
-
Size
812KB
-
Sample
210930-njvjgahdg5
-
MD5
bec7726cd62b4570b08bb99c8e67412e
-
SHA1
7833e45fc2d88b83be4f8da494724321983db26a
-
SHA256
1dffc9bad0cbd700a8c19eab05cb70de461c2378b1c2dbdc66c6e082b54c107c
-
SHA512
5b25934c7b31544ff37772b82d1eee250e13d011d5565d0a758782a210ccebbacd8c190d2c59353542afd2e641bdde6de5abeb3da4ea9e513f7743c8f883dc7c
Malware Config
Targets
-
-
Target
1dffc9bad0cbd700a8c19eab05cb70de461c2378b1c2dbdc66c6e082b54c107c
-
Size
812KB
-
MD5
bec7726cd62b4570b08bb99c8e67412e
-
SHA1
7833e45fc2d88b83be4f8da494724321983db26a
-
SHA256
1dffc9bad0cbd700a8c19eab05cb70de461c2378b1c2dbdc66c6e082b54c107c
-
SHA512
5b25934c7b31544ff37772b82d1eee250e13d011d5565d0a758782a210ccebbacd8c190d2c59353542afd2e641bdde6de5abeb3da4ea9e513f7743c8f883dc7c
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-