General
-
Target
d95eec365ca1737b4a967ec123f3d2fc0115c92672aa08a8f7b153dd05d6569b
-
Size
689KB
-
Sample
220417-t3ha5sahem
-
MD5
b1cdb53b8ab59c27a81d06855ba5b6bd
-
SHA1
1725f3f1f6a59e2349846136291da89e568d0286
-
SHA256
d95eec365ca1737b4a967ec123f3d2fc0115c92672aa08a8f7b153dd05d6569b
-
SHA512
31b62bfac64df1f534e44466d896bd80c46fed15f4ea7c0db6d65a6727ffb21d9ab47ee573d8878cbb8c11fe173aefa12261b502bf6279dc653348b27f39be8a
Malware Config
Targets
-
-
Target
d95eec365ca1737b4a967ec123f3d2fc0115c92672aa08a8f7b153dd05d6569b
-
Size
689KB
-
MD5
b1cdb53b8ab59c27a81d06855ba5b6bd
-
SHA1
1725f3f1f6a59e2349846136291da89e568d0286
-
SHA256
d95eec365ca1737b4a967ec123f3d2fc0115c92672aa08a8f7b153dd05d6569b
-
SHA512
31b62bfac64df1f534e44466d896bd80c46fed15f4ea7c0db6d65a6727ffb21d9ab47ee573d8878cbb8c11fe173aefa12261b502bf6279dc653348b27f39be8a
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-