General
-
Target
oracle.dll
-
Size
936KB
-
Sample
211027-nh1dbsedg7
-
MD5
92ae97351915ae5909eccfcb8b04267b
-
SHA1
77c6b72a1912f6fabc70cd2d4890e9b86d798c64
-
SHA256
816ff173cf69382a0d8a226fdf930eb4fc24762133da7ecdb998459cc6a5109e
-
SHA512
7424d7a40a5d272f95394506ed2a2df441a26695f1b61e8f201813489a71383ab5b8a8c22f4f9e1ae4d64c0082f1d90285b7d9f5399d06b4045799c7e650a5c5
Malware Config
Targets
-
-
Target
oracle.dll
-
Size
936KB
-
MD5
92ae97351915ae5909eccfcb8b04267b
-
SHA1
77c6b72a1912f6fabc70cd2d4890e9b86d798c64
-
SHA256
816ff173cf69382a0d8a226fdf930eb4fc24762133da7ecdb998459cc6a5109e
-
SHA512
7424d7a40a5d272f95394506ed2a2df441a26695f1b61e8f201813489a71383ab5b8a8c22f4f9e1ae4d64c0082f1d90285b7d9f5399d06b4045799c7e650a5c5
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-