General
-
Target
94a90a4eb25abcbbac0c023c3736473b5a29df02f1a702ca86d037b5ca244312
-
Size
664KB
-
Sample
241018-ewb38azcmq
-
MD5
ce92fb27287b8d8da3b53825faebe282
-
SHA1
b0b3a97dcfecb6a25ad52cfca9a9f8708eaa3a76
-
SHA256
94a90a4eb25abcbbac0c023c3736473b5a29df02f1a702ca86d037b5ca244312
-
SHA512
27f0d045d02c93cc1ebc5e5ab22716fa48d02d00f02445b3e215c980e01ef1d688cbbd732924113fdb691ec076fefa0ee8f5124b4164544168397b6129a8f215
-
SSDEEP
6144:S34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:SIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
94a90a4eb25abcbbac0c023c3736473b5a29df02f1a702ca86d037b5ca244312
-
Size
664KB
-
MD5
ce92fb27287b8d8da3b53825faebe282
-
SHA1
b0b3a97dcfecb6a25ad52cfca9a9f8708eaa3a76
-
SHA256
94a90a4eb25abcbbac0c023c3736473b5a29df02f1a702ca86d037b5ca244312
-
SHA512
27f0d045d02c93cc1ebc5e5ab22716fa48d02d00f02445b3e215c980e01ef1d688cbbd732924113fdb691ec076fefa0ee8f5124b4164544168397b6129a8f215
-
SSDEEP
6144:S34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:SIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-