General
-
Target
ff4144c8cc33129e3e51eb87174bb82e62597373df4f0a70832d3a598b473b8e
-
Size
668KB
-
Sample
241029-wk2ceaxfrq
-
MD5
68716a010cc7093f10b36d0c886ae030
-
SHA1
75ffb8693bcbf4cafa0fba09a5302f2e0f2c1df6
-
SHA256
ff4144c8cc33129e3e51eb87174bb82e62597373df4f0a70832d3a598b473b8e
-
SHA512
b33b8fcd34e3a96097d428944e886d25dbe43638e098d45dbe1d883d144ff3398a7877b6d3915a19298294c2b3b1029faca642ebf41223ad63e6d0fea827c406
-
SSDEEP
6144:834xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:8IKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
ff4144c8cc33129e3e51eb87174bb82e62597373df4f0a70832d3a598b473b8e
-
Size
668KB
-
MD5
68716a010cc7093f10b36d0c886ae030
-
SHA1
75ffb8693bcbf4cafa0fba09a5302f2e0f2c1df6
-
SHA256
ff4144c8cc33129e3e51eb87174bb82e62597373df4f0a70832d3a598b473b8e
-
SHA512
b33b8fcd34e3a96097d428944e886d25dbe43638e098d45dbe1d883d144ff3398a7877b6d3915a19298294c2b3b1029faca642ebf41223ad63e6d0fea827c406
-
SSDEEP
6144:834xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:8IKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-