General
-
Target
86bcfce2dd342e9a1c04cfc65731d40ed1c397a4ec47bd9f5b41771297d81100.zip
-
Size
502KB
-
Sample
230310-nl4j6afb5v
-
MD5
1c60bd8b7c7efe8726da3b3b9af3d89b
-
SHA1
08ba1769f6d3aef868a0bcf27586dd64c9ca6f4f
-
SHA256
42012850646049ef86749410810b29abfd3c823e9987c9e1b5ac551ed3cc4101
-
SHA512
03e7c0b4eb299bee4605691a8770e8e82d80a30fe1754e25adff4163720b83ed4fbb61ad360fe99c46ed9275594a834634707dc531ad26530d602715e9fb8735
-
SSDEEP
12288:4MyvDUnZC8nwx2IckBQx0swryF8iJlRQXI2la5rzlVtEzjb7F:9KDUTg2jxQryFBGklzLtW7F
Malware Config
Targets
-
-
Target
86bcfce2dd342e9a1c04cfc65731d40ed1c397a4ec47bd9f5b41771297d81100.exe
-
Size
768KB
-
MD5
bd5cfa593ed87901f8184eaa44c0a8b8
-
SHA1
963a57fb83ca6361624fb057058ea4fb538015dc
-
SHA256
86bcfce2dd342e9a1c04cfc65731d40ed1c397a4ec47bd9f5b41771297d81100
-
SHA512
f6235abb0503db5a7cc7a0f6d2a4682db1491127a4f5700d3f68e15535b838651e1df8a8292643e46febb678e16abe9f36f6990db57db3f58c60ceae186ae489
-
SSDEEP
12288:4lORVEAueQmTmQKO2nMlqVaSEwzH7YxiCyJ86azEZy1f11pNx:8ORVEVNmaDznMlqVNE27dJ8J2inNx
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Modify Registry
1Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Registry Run Keys / Startup Folder
1Privilege Escalation