General
-
Target
NoThreatDetectedddc50ab4f6757dd5480e6aa78969bc0b5cd646742b59bd90855436618a44ebbdN
-
Size
1.8MB
-
Sample
240917-jepp7s1fpc
-
MD5
e14d296a8d3172360c2d73bd3baab2b0
-
SHA1
0898ae4f9a6926d308a1e24e7f7a2fab85580541
-
SHA256
ddc50ab4f6757dd5480e6aa78969bc0b5cd646742b59bd90855436618a44ebbd
-
SHA512
1874fce4ac65204917ba183d5eb10ae607f9403b3a878f1bc402c80b36959e2cc71fc49f8115710d1a76d07efa5e2bc39429d075d9b4c5c517121add23a23856
-
SSDEEP
12288:PxE0waBckFdlxVRZ1hcyknDb3PTdcGvnx10k2d2Y6q2mQpxVOa:ZZLVJxVHfcLnDTZcG/xmk2d2qZwq
Malware Config
Targets
-
-
Target
NoThreatDetectedddc50ab4f6757dd5480e6aa78969bc0b5cd646742b59bd90855436618a44ebbdN
-
Size
1.8MB
-
MD5
e14d296a8d3172360c2d73bd3baab2b0
-
SHA1
0898ae4f9a6926d308a1e24e7f7a2fab85580541
-
SHA256
ddc50ab4f6757dd5480e6aa78969bc0b5cd646742b59bd90855436618a44ebbd
-
SHA512
1874fce4ac65204917ba183d5eb10ae607f9403b3a878f1bc402c80b36959e2cc71fc49f8115710d1a76d07efa5e2bc39429d075d9b4c5c517121add23a23856
-
SSDEEP
12288:PxE0waBckFdlxVRZ1hcyknDb3PTdcGvnx10k2d2Y6q2mQpxVOa:ZZLVJxVHfcLnDTZcG/xmk2d2qZwq
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1