General
-
Target
6b21ae416bf419e549f6abcfb92a86c66282a97644a6c5a6bf5f7caabba771b1
-
Size
676KB
-
Sample
241114-vexlla1fme
-
MD5
22ed96db2681802352afcea9e3809193
-
SHA1
2490ef64a6c9f8ca4d799a715f1dd677366dc6b7
-
SHA256
6b21ae416bf419e549f6abcfb92a86c66282a97644a6c5a6bf5f7caabba771b1
-
SHA512
5c1a7c0d48feacf2e28dd6094518ec0d1b1602fae4f42539291cf325e1b604b08f112234e6e63867e739d963a37dbae4823ac6f6985cc3f76485534f158d7cdb
-
SSDEEP
6144:w34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:wIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
6b21ae416bf419e549f6abcfb92a86c66282a97644a6c5a6bf5f7caabba771b1
-
Size
676KB
-
MD5
22ed96db2681802352afcea9e3809193
-
SHA1
2490ef64a6c9f8ca4d799a715f1dd677366dc6b7
-
SHA256
6b21ae416bf419e549f6abcfb92a86c66282a97644a6c5a6bf5f7caabba771b1
-
SHA512
5c1a7c0d48feacf2e28dd6094518ec0d1b1602fae4f42539291cf325e1b604b08f112234e6e63867e739d963a37dbae4823ac6f6985cc3f76485534f158d7cdb
-
SSDEEP
6144:w34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:wIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-