General
-
Target
2cc4b7ba09d166723dfdd48736c3452b7f38d34fd016d795db9c39d249638f04
-
Size
804KB
-
Sample
210930-npfbqshegl
-
MD5
fd695151b5c8f9e149a58126b5bb7bb5
-
SHA1
df1591619a93b382b4ee7fed8ec8b8eb35a3bdcf
-
SHA256
2cc4b7ba09d166723dfdd48736c3452b7f38d34fd016d795db9c39d249638f04
-
SHA512
8088fdb08434752219850904d3c3548afadcea4cc1db1a6d9a84aefb327e5a040429e2767936548a6ba7813d2379805c02c923ac24faa181efa8d8ef4b12fffb
Malware Config
Targets
-
-
Target
2cc4b7ba09d166723dfdd48736c3452b7f38d34fd016d795db9c39d249638f04
-
Size
804KB
-
MD5
fd695151b5c8f9e149a58126b5bb7bb5
-
SHA1
df1591619a93b382b4ee7fed8ec8b8eb35a3bdcf
-
SHA256
2cc4b7ba09d166723dfdd48736c3452b7f38d34fd016d795db9c39d249638f04
-
SHA512
8088fdb08434752219850904d3c3548afadcea4cc1db1a6d9a84aefb327e5a040429e2767936548a6ba7813d2379805c02c923ac24faa181efa8d8ef4b12fffb
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-