General
-
Target
f4cc073cc601127a558b1196c98d6839965545cffad19f38370158a6450e82f3
-
Size
704KB
-
Sample
241022-agnfgsvdrf
-
MD5
32d919c09f97767d7a0c7972b2b52103
-
SHA1
7a83575a7cab12034630cacb854746978e03e7f5
-
SHA256
f4cc073cc601127a558b1196c98d6839965545cffad19f38370158a6450e82f3
-
SHA512
5a1a51e61107464ed813eb6f9131d6a2be7993eaa8c43f7e03222db2a35152998a67924a16a4b91e8a839a11948d925ff94930248b2691cafcb7a26159139ef4
-
SSDEEP
12288:mEwgKnIhABTW0HcD5a1PKxdZhC+k+V9Hgeb/tf/B9P632vHAA:mEwXnOAx5HcDM1Sxd3ChCHg2/P9yGo
Malware Config
Targets
-
-
Target
f4cc073cc601127a558b1196c98d6839965545cffad19f38370158a6450e82f3
-
Size
704KB
-
MD5
32d919c09f97767d7a0c7972b2b52103
-
SHA1
7a83575a7cab12034630cacb854746978e03e7f5
-
SHA256
f4cc073cc601127a558b1196c98d6839965545cffad19f38370158a6450e82f3
-
SHA512
5a1a51e61107464ed813eb6f9131d6a2be7993eaa8c43f7e03222db2a35152998a67924a16a4b91e8a839a11948d925ff94930248b2691cafcb7a26159139ef4
-
SSDEEP
12288:mEwgKnIhABTW0HcD5a1PKxdZhC+k+V9Hgeb/tf/B9P632vHAA:mEwXnOAx5HcDM1Sxd3ChCHg2/P9yGo
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1