General
-
Target
c6bbb76d18634295f6f1d11741f32dd2661592bfdc63904b8fff93c88ae7297a
-
Size
668KB
-
Sample
241029-wskpmaypgl
-
MD5
2b74d0db8f4ef0ccf074936ddbcb69e9
-
SHA1
85ca042ed32308e0ae1666f87808947ec70832e3
-
SHA256
c6bbb76d18634295f6f1d11741f32dd2661592bfdc63904b8fff93c88ae7297a
-
SHA512
338f8f7435f69688cabf59cba525e7678ff5b472ff428ff91dc96362baf489eeac0616cf933883ca669df267f46e1c7743004da18c41eaf1b78e187a9e924a40
-
SSDEEP
6144:S34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT6:SIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
c6bbb76d18634295f6f1d11741f32dd2661592bfdc63904b8fff93c88ae7297a
-
Size
668KB
-
MD5
2b74d0db8f4ef0ccf074936ddbcb69e9
-
SHA1
85ca042ed32308e0ae1666f87808947ec70832e3
-
SHA256
c6bbb76d18634295f6f1d11741f32dd2661592bfdc63904b8fff93c88ae7297a
-
SHA512
338f8f7435f69688cabf59cba525e7678ff5b472ff428ff91dc96362baf489eeac0616cf933883ca669df267f46e1c7743004da18c41eaf1b78e187a9e924a40
-
SSDEEP
6144:S34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuT6:SIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-