General
-
Target
51cf44bbd50316dd6456f4df6c461733c09819ab884b20524a4e894ba5492342
-
Size
708KB
-
Sample
241022-agnfgsvdrd
-
MD5
19e0da0415c781dc9a288722bc701c09
-
SHA1
daf23af4714e913c83b3ac2ed9429c0db92ba8dc
-
SHA256
51cf44bbd50316dd6456f4df6c461733c09819ab884b20524a4e894ba5492342
-
SHA512
032e1980098d1de45353bf1831e90d6ab9ebef726b7b0fffadc368278115d025cbe98608c81cbb086df2e61b8bf253ba92996b8cf119bfdc2c5460d8bd4f6518
-
SSDEEP
12288:OEwgKnIhABTW0HcD5a1PKxdZhC+k+V9Hgeb/tf/B9P632vHAA:OEwXnOAx5HcDM1Sxd3ChCHg2/P9yGo
Malware Config
Targets
-
-
Target
51cf44bbd50316dd6456f4df6c461733c09819ab884b20524a4e894ba5492342
-
Size
708KB
-
MD5
19e0da0415c781dc9a288722bc701c09
-
SHA1
daf23af4714e913c83b3ac2ed9429c0db92ba8dc
-
SHA256
51cf44bbd50316dd6456f4df6c461733c09819ab884b20524a4e894ba5492342
-
SHA512
032e1980098d1de45353bf1831e90d6ab9ebef726b7b0fffadc368278115d025cbe98608c81cbb086df2e61b8bf253ba92996b8cf119bfdc2c5460d8bd4f6518
-
SSDEEP
12288:OEwgKnIhABTW0HcD5a1PKxdZhC+k+V9Hgeb/tf/B9P632vHAA:OEwXnOAx5HcDM1Sxd3ChCHg2/P9yGo
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1