General
-
Target
21de85c0a76210717d0d54e3c7b54073950460c3f20fab0f9637961674e10fd1.bin
-
Size
772KB
-
Sample
211108-1y9m6aacan
-
MD5
7b237c88d1593a283111bf32734bf8ed
-
SHA1
d7ce638ff0cc2e5cb5744222300191a78953fd03
-
SHA256
21de85c0a76210717d0d54e3c7b54073950460c3f20fab0f9637961674e10fd1
-
SHA512
ef3b784105a5512852c6acb39edecf48db33be3f94f90ce3eee6be92f9a8a5ef13c890b810b274bf5f875ee6d52b789e33c4cc5577d2cd136299e9a11bfbcea1
Malware Config
Targets
-
-
Target
21de85c0a76210717d0d54e3c7b54073950460c3f20fab0f9637961674e10fd1.bin
-
Size
772KB
-
MD5
7b237c88d1593a283111bf32734bf8ed
-
SHA1
d7ce638ff0cc2e5cb5744222300191a78953fd03
-
SHA256
21de85c0a76210717d0d54e3c7b54073950460c3f20fab0f9637961674e10fd1
-
SHA512
ef3b784105a5512852c6acb39edecf48db33be3f94f90ce3eee6be92f9a8a5ef13c890b810b274bf5f875ee6d52b789e33c4cc5577d2cd136299e9a11bfbcea1
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-