6e90088bb8cc71fcebb71469a7e5668a0b6aacfa21fb274febbb523a427d8e40

General

Target: 6e90088bb8cc71fcebb71469a7e5668a0b6aacfa21fb274febbb523a427d8e40
Size: 1MB
Sample: 211126-lfx43segf4
Score: 10/10
MD5: 95a8147f694adad1655a2a158ba6d369
SHA1: 2911097d1da2ab8d364309a339f0f9afc78375ee
SHA256: 6e90088bb8cc71fcebb71469a7e5668a0b6aacfa21fb274febbb523a427d8e40
SHA512: e7a184b61894a1ea414bc362fc6a37f7941d0ac91e07681dbaa2604930c126a88993c0562abcc579112554eb1fbb23f592d4cb5ebafb88724f5f9e921fbaf93f

Malware Config
Targets

Signatures

  • Dridex

    Description: Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Shellcode

    Description: Detects Dridex payload shellcode injected into the Explorer process.

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    TTPs: Registry Run Keys / Startup Folder; Modify Registry

  • Checks whether UAC is enabled

    TTPs: System Information Discovery

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation