General
-
Target
82095408cb1b096fdf360cc0ed6d8e2ba0232e62e4f37a01aa31b4fc69fc618b
-
Size
1.4MB
-
Sample
241012-sn58zs1fpj
-
MD5
6ad98a87dfac01169872c8d4fcfcf27d
-
SHA1
e5c6476f15f2d64c0626335585f0f18ed917248a
-
SHA256
82095408cb1b096fdf360cc0ed6d8e2ba0232e62e4f37a01aa31b4fc69fc618b
-
SHA512
1fef8d13244cf1a724bdac23697f48ba5bfd3af84666d713ada3684d6fc7c1b0dd0ce05fdefc898298e5b1b8986160d85787ed0e728d72293344174696b0257b
-
SSDEEP
12288:+kMZ+g4TyilMqFvPIV93i/S0hzmOBt5nihfSxI/mhjEvqJ0D/eAQsroXAkH64Cu5:+kMZ+gf4ltGd8H1fYO0q2G1Ahu5
Malware Config
Targets
-
-
Target
82095408cb1b096fdf360cc0ed6d8e2ba0232e62e4f37a01aa31b4fc69fc618b
-
Size
1.4MB
-
MD5
6ad98a87dfac01169872c8d4fcfcf27d
-
SHA1
e5c6476f15f2d64c0626335585f0f18ed917248a
-
SHA256
82095408cb1b096fdf360cc0ed6d8e2ba0232e62e4f37a01aa31b4fc69fc618b
-
SHA512
1fef8d13244cf1a724bdac23697f48ba5bfd3af84666d713ada3684d6fc7c1b0dd0ce05fdefc898298e5b1b8986160d85787ed0e728d72293344174696b0257b
-
SSDEEP
12288:+kMZ+g4TyilMqFvPIV93i/S0hzmOBt5nihfSxI/mhjEvqJ0D/eAQsroXAkH64Cu5:+kMZ+gf4ltGd8H1fYO0q2G1Ahu5
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1