General
-
Target
fb1a305589018230311a426fea737ae107770eddc6441c497d02baac206d7110
-
Size
1.5MB
-
Sample
241012-bgna6atglg
-
MD5
1e9ff1b997f023586284933ba6f950ab
-
SHA1
c90cc77bfb1453f9840d5687667a494e6fdea326
-
SHA256
fb1a305589018230311a426fea737ae107770eddc6441c497d02baac206d7110
-
SHA512
e75cf5e46b652125845a1efe8ab1086c08263c36f18fc103da01e0553b73a7c9601de888c09b940ae61cba1487202039b8e0b7b25e32e4c9286f50b9ef443fb2
-
SSDEEP
12288:1XBQ3fMQyWV0rbDxyBWZh2TvtgHoiemIKI1ydX7wmqzq3wkgJ:pB/Qn0rbD8UZUDtgIiemI51Mwtewkm
Malware Config
Targets
-
-
Target
fb1a305589018230311a426fea737ae107770eddc6441c497d02baac206d7110
-
Size
1.5MB
-
MD5
1e9ff1b997f023586284933ba6f950ab
-
SHA1
c90cc77bfb1453f9840d5687667a494e6fdea326
-
SHA256
fb1a305589018230311a426fea737ae107770eddc6441c497d02baac206d7110
-
SHA512
e75cf5e46b652125845a1efe8ab1086c08263c36f18fc103da01e0553b73a7c9601de888c09b940ae61cba1487202039b8e0b7b25e32e4c9286f50b9ef443fb2
-
SSDEEP
12288:1XBQ3fMQyWV0rbDxyBWZh2TvtgHoiemIKI1ydX7wmqzq3wkgJ:pB/Qn0rbD8UZUDtgIiemI51Mwtewkm
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1