General
-
Target
81b6123f37af744dc0f4589543d609eef8d715afd6aa69526d822b9b2843e3dd
-
Size
944KB
-
Sample
241018-fsg1qssaqn
-
MD5
e94305a2d837ad0f083f15a2b86f37d0
-
SHA1
da603e9964396165dd776409d725d88c8150a940
-
SHA256
81b6123f37af744dc0f4589543d609eef8d715afd6aa69526d822b9b2843e3dd
-
SHA512
fbeeb478c17fe57d4a8ba93c8a4a9f552ce6dc45ca6e2e4ff0b007df101167348d191e58f967c9a283b3ed4f4b209ddf534debf8d24f3eca90b0311c55bf70a6
-
SSDEEP
6144:D34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT3:DIKp/UWCZdCDh2IZDwAFRpR6AuJZK
Malware Config
Targets
-
-
Target
81b6123f37af744dc0f4589543d609eef8d715afd6aa69526d822b9b2843e3dd
-
Size
944KB
-
MD5
e94305a2d837ad0f083f15a2b86f37d0
-
SHA1
da603e9964396165dd776409d725d88c8150a940
-
SHA256
81b6123f37af744dc0f4589543d609eef8d715afd6aa69526d822b9b2843e3dd
-
SHA512
fbeeb478c17fe57d4a8ba93c8a4a9f552ce6dc45ca6e2e4ff0b007df101167348d191e58f967c9a283b3ed4f4b209ddf534debf8d24f3eca90b0311c55bf70a6
-
SSDEEP
6144:D34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT3:DIKp/UWCZdCDh2IZDwAFRpR6AuJZK
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1