General
-
Target
ff69e56f8ee29f346c9495468b07dc2d2eb486642a1cfcc54d31d7a813bd95ef
-
Size
672KB
-
Sample
241102-dgtjaayapa
-
MD5
584c0aedb20485c2e84e74c629507bca
-
SHA1
68adc01881c74a7e747c02fcc8b3bf6a992595c7
-
SHA256
ff69e56f8ee29f346c9495468b07dc2d2eb486642a1cfcc54d31d7a813bd95ef
-
SHA512
f0de47f3fe7cac1ec434e5e29d33c6ace9e3ee64102acd2f5c05860d782f6c74f34b740ad21615fff80054c9bfa2333492a9c9ed51f182dc3f72805901945e4e
-
SSDEEP
6144:t34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:tIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
ff69e56f8ee29f346c9495468b07dc2d2eb486642a1cfcc54d31d7a813bd95ef
-
Size
672KB
-
MD5
584c0aedb20485c2e84e74c629507bca
-
SHA1
68adc01881c74a7e747c02fcc8b3bf6a992595c7
-
SHA256
ff69e56f8ee29f346c9495468b07dc2d2eb486642a1cfcc54d31d7a813bd95ef
-
SHA512
f0de47f3fe7cac1ec434e5e29d33c6ace9e3ee64102acd2f5c05860d782f6c74f34b740ad21615fff80054c9bfa2333492a9c9ed51f182dc3f72805901945e4e
-
SSDEEP
6144:t34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:tIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1