General
-
Target
c6ce1e919d846871e82fefd5a57f6a7af4a5e729ee1b9c0f67d4fd71807ef7e3
-
Size
684KB
-
Sample
241023-xtr1rsxfkn
-
MD5
906ed4f1c15ea3e6cf8d3bc271ba5d07
-
SHA1
897965a6c69be2b105847ee4ab1ca5d704eb53a4
-
SHA256
c6ce1e919d846871e82fefd5a57f6a7af4a5e729ee1b9c0f67d4fd71807ef7e3
-
SHA512
c498880b98d3b4cbc67c0784a2b80426f937ce7f6160f460b01b69b3d2e6cb3e2545fd50ecfd3eefbf3df960e3489dfb2c1c536fad1d32f8e65e6b54925a0061
-
SSDEEP
12288:bfndx6M581WsGRouyjzC6gn5l0H1Tak8jnGg/xeq7gz3xfsPEb4sk:zdAE81W381Wk8jnYz3dsPEb4s
Malware Config
Targets
-
-
Target
c6ce1e919d846871e82fefd5a57f6a7af4a5e729ee1b9c0f67d4fd71807ef7e3
-
Size
684KB
-
MD5
906ed4f1c15ea3e6cf8d3bc271ba5d07
-
SHA1
897965a6c69be2b105847ee4ab1ca5d704eb53a4
-
SHA256
c6ce1e919d846871e82fefd5a57f6a7af4a5e729ee1b9c0f67d4fd71807ef7e3
-
SHA512
c498880b98d3b4cbc67c0784a2b80426f937ce7f6160f460b01b69b3d2e6cb3e2545fd50ecfd3eefbf3df960e3489dfb2c1c536fad1d32f8e65e6b54925a0061
-
SSDEEP
12288:bfndx6M581WsGRouyjzC6gn5l0H1Tak8jnGg/xeq7gz3xfsPEb4sk:zdAE81W381Wk8jnYz3dsPEb4s
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1