General
-
Target
Trojan.Win64.Dridex.ASFS.MTB-98f5cbef3bae29cbc52bcb0224d5964f69ab793f2296a6954e68ffdf26636d8fN
-
Size
1.8MB
-
Sample
240916-w41j8atblr
-
MD5
0911f9a26ce4142acbb04da26b9d54f0
-
SHA1
6e443ef54eb8b28725f0717cba6ccdc03d66ba77
-
SHA256
98f5cbef3bae29cbc52bcb0224d5964f69ab793f2296a6954e68ffdf26636d8f
-
SHA512
bc42593e5dc3c2dd52f45ff292db1eab892cf53b158f3018e6a6e2795e47f01700c80b85b5297e9541c2c6e5a3317d5325d84f99b8b82ec3780f049350b9ece6
-
SSDEEP
24576:y6UQsIUK6eiyaJt2TlBuWA+ypYKLDGxaaxg1qpRai:nUQsIUK6eiyaJYTlBQ+mxH9au1eRai
Malware Config
Targets
-
-
Target
Trojan.Win64.Dridex.ASFS.MTB-98f5cbef3bae29cbc52bcb0224d5964f69ab793f2296a6954e68ffdf26636d8fN
-
Size
1.8MB
-
MD5
0911f9a26ce4142acbb04da26b9d54f0
-
SHA1
6e443ef54eb8b28725f0717cba6ccdc03d66ba77
-
SHA256
98f5cbef3bae29cbc52bcb0224d5964f69ab793f2296a6954e68ffdf26636d8f
-
SHA512
bc42593e5dc3c2dd52f45ff292db1eab892cf53b158f3018e6a6e2795e47f01700c80b85b5297e9541c2c6e5a3317d5325d84f99b8b82ec3780f049350b9ece6
-
SSDEEP
24576:y6UQsIUK6eiyaJt2TlBuWA+ypYKLDGxaaxg1qpRai:nUQsIUK6eiyaJYTlBQ+mxH9au1eRai
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-