General
-
Target
5a9312f37fc4f6e40e1cf12c15df2a7d84199ac4d594831db9f6ca1c4a6cbfab
-
Size
668KB
-
Sample
241018-fsgpzasaqk
-
MD5
f640bf21877302ba5a105a1cc52c4aef
-
SHA1
7f84c86e274bed6a64be7123cb15f4e1fc477ff6
-
SHA256
5a9312f37fc4f6e40e1cf12c15df2a7d84199ac4d594831db9f6ca1c4a6cbfab
-
SHA512
d0f670cd9a926c674bfb926b6d080ecc8e0b3d6f2350567cb0d8ff56a15c53b461064026f5b9604afbab6035b4aed7786c66d3ef529fa789708910c1d6acc3fd
-
SSDEEP
6144:f34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT9:fIKp/UWCZdCDh2IZDwAFRpR6Auz1
Malware Config
Targets
-
-
Target
5a9312f37fc4f6e40e1cf12c15df2a7d84199ac4d594831db9f6ca1c4a6cbfab
-
Size
668KB
-
MD5
f640bf21877302ba5a105a1cc52c4aef
-
SHA1
7f84c86e274bed6a64be7123cb15f4e1fc477ff6
-
SHA256
5a9312f37fc4f6e40e1cf12c15df2a7d84199ac4d594831db9f6ca1c4a6cbfab
-
SHA512
d0f670cd9a926c674bfb926b6d080ecc8e0b3d6f2350567cb0d8ff56a15c53b461064026f5b9604afbab6035b4aed7786c66d3ef529fa789708910c1d6acc3fd
-
SSDEEP
6144:f34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT9:fIKp/UWCZdCDh2IZDwAFRpR6Auz1
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-