General
-
Target
096c5233892113f80a9ade6545c751fd5c7e049e3357f0be6a0dc8debd18f5a0
-
Size
1.1MB
-
Sample
241012-pn2zsazgrg
-
MD5
29b4a43d6fa90c2c28824982c991da5d
-
SHA1
f4693227a98c1b9a031bb6ad182c5f20b83de5f1
-
SHA256
096c5233892113f80a9ade6545c751fd5c7e049e3357f0be6a0dc8debd18f5a0
-
SHA512
88fa077dc53d0bef81cdfc3d6da7f44ffc77ca3bdd5fd1818c37c0e9327fdd5b1749945393289b87f7aa2f0a2ddb11b924cea0861e83960bd858f7e353f43f2c
-
SSDEEP
12288:LkMZ+g4TyilMqFvPIV93i/S0hzmOBt5nihfSxI/mhjEvqJ0D/eAQsroXAkH64C:LkMZ+gf4ltGd8H1fYO0q2G1Ah
Malware Config
Targets
-
-
Target
096c5233892113f80a9ade6545c751fd5c7e049e3357f0be6a0dc8debd18f5a0
-
Size
1.1MB
-
MD5
29b4a43d6fa90c2c28824982c991da5d
-
SHA1
f4693227a98c1b9a031bb6ad182c5f20b83de5f1
-
SHA256
096c5233892113f80a9ade6545c751fd5c7e049e3357f0be6a0dc8debd18f5a0
-
SHA512
88fa077dc53d0bef81cdfc3d6da7f44ffc77ca3bdd5fd1818c37c0e9327fdd5b1749945393289b87f7aa2f0a2ddb11b924cea0861e83960bd858f7e353f43f2c
-
SSDEEP
12288:LkMZ+g4TyilMqFvPIV93i/S0hzmOBt5nihfSxI/mhjEvqJ0D/eAQsroXAkH64C:LkMZ+gf4ltGd8H1fYO0q2G1Ah
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1