General
-
Target
NoThreatDetected-d2a9857b2a44d8a2cf5c90cb47040135626aaa7e4312cc91be2bc36c64edd08fN
-
Size
1.2MB
-
Sample
240919-z12vna1ejj
-
MD5
4c701019b6ecf3b6447881b611b63ec0
-
SHA1
38708fd32051761d67ae4eedfe9a3de15bee50fe
-
SHA256
d2a9857b2a44d8a2cf5c90cb47040135626aaa7e4312cc91be2bc36c64edd08f
-
SHA512
102b79e9ed116b503d106a44e3214354c0dd30b2c29d6be3d19df4236a5c7a5acb2238cb8268358ec216d2aa41f5ed33ccf96114834cea226b369f788268af06
-
SSDEEP
12288:lxE0waBckFdlxVRZ1hcyknDb3PTdcGvnx10k2d2Y6q2mQpxU1:XZLVJxVHfcLnDTZcG/xmk2d2qZwy1
Malware Config
Targets
-
-
Target
NoThreatDetected-d2a9857b2a44d8a2cf5c90cb47040135626aaa7e4312cc91be2bc36c64edd08fN
-
Size
1.2MB
-
MD5
4c701019b6ecf3b6447881b611b63ec0
-
SHA1
38708fd32051761d67ae4eedfe9a3de15bee50fe
-
SHA256
d2a9857b2a44d8a2cf5c90cb47040135626aaa7e4312cc91be2bc36c64edd08f
-
SHA512
102b79e9ed116b503d106a44e3214354c0dd30b2c29d6be3d19df4236a5c7a5acb2238cb8268358ec216d2aa41f5ed33ccf96114834cea226b369f788268af06
-
SSDEEP
12288:lxE0waBckFdlxVRZ1hcyknDb3PTdcGvnx10k2d2Y6q2mQpxU1:XZLVJxVHfcLnDTZcG/xmk2d2qZwy1
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-