General
-
Target
f92f9aac70cf3963e5f5366bf7671931ab030702f727c9b8e5434a458d1bfef6
-
Size
696KB
-
Sample
241102-dgtt2szmam
-
MD5
79019653d1f2925d3a9df737ee411e1f
-
SHA1
029424f436526798306f7fe7c45000addcac07b1
-
SHA256
f92f9aac70cf3963e5f5366bf7671931ab030702f727c9b8e5434a458d1bfef6
-
SHA512
352ace41da765e9ac595d97bf0484d084f68df3ff5a858a888561837db8d083dcef0460ad962395e1086e2682300f3afdfed2c32d2c81b60679ea87890b84b1d
-
SSDEEP
6144:p34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTv:pIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
f92f9aac70cf3963e5f5366bf7671931ab030702f727c9b8e5434a458d1bfef6
-
Size
696KB
-
MD5
79019653d1f2925d3a9df737ee411e1f
-
SHA1
029424f436526798306f7fe7c45000addcac07b1
-
SHA256
f92f9aac70cf3963e5f5366bf7671931ab030702f727c9b8e5434a458d1bfef6
-
SHA512
352ace41da765e9ac595d97bf0484d084f68df3ff5a858a888561837db8d083dcef0460ad962395e1086e2682300f3afdfed2c32d2c81b60679ea87890b84b1d
-
SSDEEP
6144:p34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTv:pIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1