General
-
Target
8c1edc294ab7bcaa45a2467817c833c0_NEIKI
-
Size
1.2MB
-
Sample
240508-blb4paae5x
-
MD5
8c1edc294ab7bcaa45a2467817c833c0
-
SHA1
84166d264a241b17e0c30e57c8a9029bdefc4448
-
SHA256
a26ebf633120aaf24e733dd3b9a4737d20565d3b8b43edffe548e7bc8e3528c9
-
SHA512
4369e992d268d298c9e7dbf39596f650a5390e6e5f1b3a0e555e11c7f1f0bbaf5bbc056669054aad7dfb2180e66977d3e5d93299699103239abf4dc6214be68a
-
SSDEEP
12288:w38uea4w46+K1FZPfxyMs2SRXTajPomqkpyrJXy6mfvHELWUbxdewWRa7CkhkgjS:K8uea4w467D5/0ypyFYELW8xFZmMXJZ
Malware Config
Targets
-
-
Target
8c1edc294ab7bcaa45a2467817c833c0_NEIKI
-
Size
1.2MB
-
MD5
8c1edc294ab7bcaa45a2467817c833c0
-
SHA1
84166d264a241b17e0c30e57c8a9029bdefc4448
-
SHA256
a26ebf633120aaf24e733dd3b9a4737d20565d3b8b43edffe548e7bc8e3528c9
-
SHA512
4369e992d268d298c9e7dbf39596f650a5390e6e5f1b3a0e555e11c7f1f0bbaf5bbc056669054aad7dfb2180e66977d3e5d93299699103239abf4dc6214be68a
-
SSDEEP
12288:w38uea4w46+K1FZPfxyMs2SRXTajPomqkpyrJXy6mfvHELWUbxdewWRa7CkhkgjS:K8uea4w467D5/0ypyFYELW8xFZmMXJZ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-