General
-
Target
afba02c33a5c421b7cb7fc7ff9f99d8160a785cb259a688fb75e8c7fdce9931c
-
Size
944KB
-
Sample
241029-bevx8asajr
-
MD5
01c459593f35851fbb479c78490572e5
-
SHA1
3e1d026171828708e4d6cb4063e7207abae41353
-
SHA256
afba02c33a5c421b7cb7fc7ff9f99d8160a785cb259a688fb75e8c7fdce9931c
-
SHA512
1ae6329f54eec7984a23dae1d400bc73d9e36fcc73489c17a4f0b2650cf1b846c2a95fab49bdb9f3b4e52ef4ff84a359f2d20523169c548aacf67724b2402bb1
-
SSDEEP
6144:634xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTK:6IKp/UWCZdCDh2IZDwAFRpR6AuoK
Malware Config
Targets
-
-
Target
afba02c33a5c421b7cb7fc7ff9f99d8160a785cb259a688fb75e8c7fdce9931c
-
Size
944KB
-
MD5
01c459593f35851fbb479c78490572e5
-
SHA1
3e1d026171828708e4d6cb4063e7207abae41353
-
SHA256
afba02c33a5c421b7cb7fc7ff9f99d8160a785cb259a688fb75e8c7fdce9931c
-
SHA512
1ae6329f54eec7984a23dae1d400bc73d9e36fcc73489c17a4f0b2650cf1b846c2a95fab49bdb9f3b4e52ef4ff84a359f2d20523169c548aacf67724b2402bb1
-
SSDEEP
6144:634xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTK:6IKp/UWCZdCDh2IZDwAFRpR6AuoK
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1