2e3345d45293cd602f027f8a9c0ffbe4435aca82efff9d09318e38af7b4aff0f

General

Target

2e3345d45293cd602f027f8a9c0ffbe4435aca82efff9d09318e38af7b4aff0f

Size

1MB

Sample

211126-lgl37sbefr

Score

10/10

MD5

8bdd5a9dbe6ed7f370621c995b365166

SHA1

54b3c311855e88b1051a44d1ea7cc2560361f4fb

SHA256

2e3345d45293cd602f027f8a9c0ffbe4435aca82efff9d09318e38af7b4aff0f

SHA512

788d06a8dd764ef66c4a626766d3f8071dd9b622db5ccbf20b902a2ab97c1139821d9c45d1e78668081fa2a9a0c809aab9484b6e177bfead02bcbc5d38838212

Signatures

  • Dridex

    Description

    Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

  • Dridex Shellcode

    Description

    Detects Dridex payload shellcode injected into the Explorer process.

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder
    Modify Registry

  • Checks whether UAC is enabled

    TTPs

    System Information Discovery

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation