General
-
Target
15e232aa5f26fe7ff3ec901f1ce86f8d42e1cab7b455bcb542c16029db6e9cae
-
Size
668KB
-
Sample
241018-aesx7axcrj
-
MD5
b534ddbf1e179b81850ddc36674a766c
-
SHA1
9cbb409970c10468d338937d8a8e85dbd69b48e8
-
SHA256
15e232aa5f26fe7ff3ec901f1ce86f8d42e1cab7b455bcb542c16029db6e9cae
-
SHA512
8d1e304e6d11509b34f40ab23a8ce2ea4391b5c177388c938cd6e99d22036c80a515cdea95755997cfbacf443b9e1f6bf0b81eec7b7581aee316348a79c32ced
-
SSDEEP
6144:J34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTt:JIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
15e232aa5f26fe7ff3ec901f1ce86f8d42e1cab7b455bcb542c16029db6e9cae
-
Size
668KB
-
MD5
b534ddbf1e179b81850ddc36674a766c
-
SHA1
9cbb409970c10468d338937d8a8e85dbd69b48e8
-
SHA256
15e232aa5f26fe7ff3ec901f1ce86f8d42e1cab7b455bcb542c16029db6e9cae
-
SHA512
8d1e304e6d11509b34f40ab23a8ce2ea4391b5c177388c938cd6e99d22036c80a515cdea95755997cfbacf443b9e1f6bf0b81eec7b7581aee316348a79c32ced
-
SSDEEP
6144:J34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTt:JIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1