General
-
Target
d70cbf2e929c4fbb64f4419a78886ab67b0ea871da04707ae11e8ea7bc6c61b8
-
Size
688KB
-
Sample
220417-t3hxnsahen
-
MD5
15fc0dc01320ac7b47575784d3a305a2
-
SHA1
c33d4e210be69fc0fefc0da43345eec140eae4d4
-
SHA256
d70cbf2e929c4fbb64f4419a78886ab67b0ea871da04707ae11e8ea7bc6c61b8
-
SHA512
58befb709d085e6dd8ef708ade97ba252ee65145896c1189a181c97b66dafc4fc1842b5174dc93b0014349c0e2ad46ef212e45d8db703b2ac0b07d761e8cef02
Malware Config
Targets
-
-
Target
d70cbf2e929c4fbb64f4419a78886ab67b0ea871da04707ae11e8ea7bc6c61b8
-
Size
688KB
-
MD5
15fc0dc01320ac7b47575784d3a305a2
-
SHA1
c33d4e210be69fc0fefc0da43345eec140eae4d4
-
SHA256
d70cbf2e929c4fbb64f4419a78886ab67b0ea871da04707ae11e8ea7bc6c61b8
-
SHA512
58befb709d085e6dd8ef708ade97ba252ee65145896c1189a181c97b66dafc4fc1842b5174dc93b0014349c0e2ad46ef212e45d8db703b2ac0b07d761e8cef02
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Payload
Detects Dridex x64 core DLL in memory.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-