d6b765e0c278fe4383427e864d9baf366cd2ce7895cf9d038aa29c15174e2caa

Tags

Signatures

• Dridex

  Description

  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  Tags

  botnetdridex

• Dridex Shellcode

  Description

  Detects Dridex Payload shellcode injected in Explorer process.

  Tags

  botnetpayload

• Executes dropped EXE

• Drops startup file

• Loads dropped DLL

• Adds Run key to start application

  Tags

  persistence

  TTPs

  Registry Run Keys / Startup FolderModify Registry

• Checks whether UAC is enabled

  Tags

  evasiontrojan

  TTPs

  System Information Discovery

Related Tasks