General
-
Target
26fa4f3e2ff9d20e54a8ed92898d8d524f973424a6d7b6d62e489e3d5b9fa66a
-
Size
672KB
-
Sample
241114-vgqwtsvmcj
-
MD5
e4b4e6107ac85d6d9981acf940fe05ef
-
SHA1
c049818fd585fe51844578411859c17c463b9bbc
-
SHA256
26fa4f3e2ff9d20e54a8ed92898d8d524f973424a6d7b6d62e489e3d5b9fa66a
-
SHA512
09e324a23666faacf1817e4c4b148944789756bab8521d5d1182a007b0b680382769b09c6b376b1a07ce154a80aa1243271ca4d64b75abf73b7238bce72fd960
-
SSDEEP
6144:U34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:UIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
26fa4f3e2ff9d20e54a8ed92898d8d524f973424a6d7b6d62e489e3d5b9fa66a
-
Size
672KB
-
MD5
e4b4e6107ac85d6d9981acf940fe05ef
-
SHA1
c049818fd585fe51844578411859c17c463b9bbc
-
SHA256
26fa4f3e2ff9d20e54a8ed92898d8d524f973424a6d7b6d62e489e3d5b9fa66a
-
SHA512
09e324a23666faacf1817e4c4b148944789756bab8521d5d1182a007b0b680382769b09c6b376b1a07ce154a80aa1243271ca4d64b75abf73b7238bce72fd960
-
SSDEEP
6144:U34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:UIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1