Description
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
55eddcd9ad0a30bea19917fb692268f64d0368b82bdd21f978f1ce2232091087
General
Target
Size
Sample
55eddcd9ad0a30bea19917fb692268f64d0368b82bdd21f978f1ce2232091087
1MB
211126-lhpkqaegh5
Score
10 /10
MD5
SHA1
SHA256
SHA512
41ed518bacab22ba8da8b7c5f15ba859
1b2212ed3d9261d2517f1239bf1ef19c71e1430f
55eddcd9ad0a30bea19917fb692268f64d0368b82bdd21f978f1ce2232091087
4e974ff9c55e91ed641b9c3b163469837dffa75ea1973ad7457114fb0c68cb0cfb1011b2975d38e67f1a064cd906af45ffc2ee773c7886a7d9601ffec0f8dc32
Malware Config
Targets
Target
MD5
Filesize
55eddcd9ad0a30bea19917fb692268f64d0368b82bdd21f978f1ce2232091087
41ed518bacab22ba8da8b7c5f15ba859
1MB
Score
10/10
SHA1
SHA256
SHA512
1b2212ed3d9261d2517f1239bf1ef19c71e1430f
55eddcd9ad0a30bea19917fb692268f64d0368b82bdd21f978f1ce2232091087
4e974ff9c55e91ed641b9c3b163469837dffa75ea1973ad7457114fb0c68cb0cfb1011b2975d38e67f1a064cd906af45ffc2ee773c7886a7d9601ffec0f8dc32
Tags
Signatures
-
Dridex
-
Dridex Shellcode
Description
Detects Dridex Payload shellcode injected in Explorer process.
Tags
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
Tags
TTPs
-
Checks whether UAC is enabled
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks