General
-
Target
659fb5a890e7be6cbfe2a20042a83f9032907ea12a549de3aab9c0c79211beaf
-
Size
944KB
-
Sample
241018-et8z6szbqr
-
MD5
a4804bb1aba480dec5d7b54e9a82747b
-
SHA1
69f96371c589b596531fc402aabe99165472904d
-
SHA256
659fb5a890e7be6cbfe2a20042a83f9032907ea12a549de3aab9c0c79211beaf
-
SHA512
a2f4980109bd4109a61cc618c5a09772291286c6d5ceefaa180b340a4f57fb49cd8bdfb510710c5293dbe2d2031acfe7575f9b4e42d019078bd2d007058ef37c
-
SSDEEP
6144:j34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTR:jIKp/UWCZdCDh2IZDwAFRpR6AuvS0K
Malware Config
Targets
-
-
Target
659fb5a890e7be6cbfe2a20042a83f9032907ea12a549de3aab9c0c79211beaf
-
Size
944KB
-
MD5
a4804bb1aba480dec5d7b54e9a82747b
-
SHA1
69f96371c589b596531fc402aabe99165472904d
-
SHA256
659fb5a890e7be6cbfe2a20042a83f9032907ea12a549de3aab9c0c79211beaf
-
SHA512
a2f4980109bd4109a61cc618c5a09772291286c6d5ceefaa180b340a4f57fb49cd8bdfb510710c5293dbe2d2031acfe7575f9b4e42d019078bd2d007058ef37c
-
SSDEEP
6144:j34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTR:jIKp/UWCZdCDh2IZDwAFRpR6AuvS0K
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1