General
-
Target
e36e53073055480f0401b56d3149b60bb3e47a95237eee92ba62f659b875e33a
-
Size
668KB
-
Sample
241018-aj7xxaxerp
-
MD5
180c0aa7fe397e299b050b5a9fa20041
-
SHA1
7c6f6b915e18f322b65187b831cbb5f68ed02c09
-
SHA256
e36e53073055480f0401b56d3149b60bb3e47a95237eee92ba62f659b875e33a
-
SHA512
822daa11c3f169efb36848e9ac0e0ad391d9401cb8d329cd3b9d1a0dc3d5aae029f356bded5dd625e44ba364fb615b861846c5d580dc7d65b4faeccc9ff5fea7
-
SSDEEP
6144:o34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:oIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
e36e53073055480f0401b56d3149b60bb3e47a95237eee92ba62f659b875e33a
-
Size
668KB
-
MD5
180c0aa7fe397e299b050b5a9fa20041
-
SHA1
7c6f6b915e18f322b65187b831cbb5f68ed02c09
-
SHA256
e36e53073055480f0401b56d3149b60bb3e47a95237eee92ba62f659b875e33a
-
SHA512
822daa11c3f169efb36848e9ac0e0ad391d9401cb8d329cd3b9d1a0dc3d5aae029f356bded5dd625e44ba364fb615b861846c5d580dc7d65b4faeccc9ff5fea7
-
SSDEEP
6144:o34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:oIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-