General
-
Target
60f896e781ccfa1f164aa659dfb8058697f6e0c5edd4afe0302b8d39476ffb4b
-
Size
676KB
-
Sample
241114-vlf77a1ka1
-
MD5
4d50c132ca23b8e8fa6f50c8e7db7e3b
-
SHA1
fc0fe7b8a046e550ed228581c381d5244a62c74c
-
SHA256
60f896e781ccfa1f164aa659dfb8058697f6e0c5edd4afe0302b8d39476ffb4b
-
SHA512
317ca386657544fb79e3a0529278ea096abcb30ad0aef492a4e9a97b87502154095fccde07882c0a98ea2a278860c765a3ea6283cf195085405e1d8048101614
-
SSDEEP
6144:C34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:CIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
60f896e781ccfa1f164aa659dfb8058697f6e0c5edd4afe0302b8d39476ffb4b
-
Size
676KB
-
MD5
4d50c132ca23b8e8fa6f50c8e7db7e3b
-
SHA1
fc0fe7b8a046e550ed228581c381d5244a62c74c
-
SHA256
60f896e781ccfa1f164aa659dfb8058697f6e0c5edd4afe0302b8d39476ffb4b
-
SHA512
317ca386657544fb79e3a0529278ea096abcb30ad0aef492a4e9a97b87502154095fccde07882c0a98ea2a278860c765a3ea6283cf195085405e1d8048101614
-
SSDEEP
6144:C34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:CIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-