General
-
Target
3b4f8af9318b4a4541fb0b94db0ce8483a65c828b755274f16a97bcaa377e4c4
-
Size
672KB
-
Sample
241102-dg8cfawqbx
-
MD5
aaf31301e741243c6ad5399aa9e4f757
-
SHA1
c2529446c4fc65d54f634e7ac23777f78cb8757a
-
SHA256
3b4f8af9318b4a4541fb0b94db0ce8483a65c828b755274f16a97bcaa377e4c4
-
SHA512
327571c02220df11a30d34f81138f7d8e0302986f63036201e2aebe264616a5005204e4a285a45b6291d805d6e7a69b49872a09f5ad19b5d468fcbd7c3edd83d
-
SSDEEP
6144:V34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTU:VIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
3b4f8af9318b4a4541fb0b94db0ce8483a65c828b755274f16a97bcaa377e4c4
-
Size
672KB
-
MD5
aaf31301e741243c6ad5399aa9e4f757
-
SHA1
c2529446c4fc65d54f634e7ac23777f78cb8757a
-
SHA256
3b4f8af9318b4a4541fb0b94db0ce8483a65c828b755274f16a97bcaa377e4c4
-
SHA512
327571c02220df11a30d34f81138f7d8e0302986f63036201e2aebe264616a5005204e4a285a45b6291d805d6e7a69b49872a09f5ad19b5d468fcbd7c3edd83d
-
SSDEEP
6144:V34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTU:VIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-