General
-
Target
5b9c626135ed024ceab7580bd87d8674970aba273966b1417a01d2e53be13bff
-
Size
796KB
-
Sample
210930-nwq2tahehr
-
MD5
eb50637909105c9a72ca419aa945e12f
-
SHA1
47168c07bd06e086fd1fe13091f44f6a5cf7534d
-
SHA256
5b9c626135ed024ceab7580bd87d8674970aba273966b1417a01d2e53be13bff
-
SHA512
e0083883eea44dd3db8a98826d969fa60f991e6d4601ede2e9e1f01f6d7641e223a7a99e367c47d1b6a767353c8f30f5cb86d40fffe0487ec244314cec07322c
Malware Config
Targets
-
-
Target
5b9c626135ed024ceab7580bd87d8674970aba273966b1417a01d2e53be13bff
-
Size
796KB
-
MD5
eb50637909105c9a72ca419aa945e12f
-
SHA1
47168c07bd06e086fd1fe13091f44f6a5cf7534d
-
SHA256
5b9c626135ed024ceab7580bd87d8674970aba273966b1417a01d2e53be13bff
-
SHA512
e0083883eea44dd3db8a98826d969fa60f991e6d4601ede2e9e1f01f6d7641e223a7a99e367c47d1b6a767353c8f30f5cb86d40fffe0487ec244314cec07322c
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-