General
-
Target
9c8c8ac4777f6e405e3c0d2bb0e1bed5d1b2f76d20e1ade9e7c67b9e09df97f3
-
Size
676KB
-
Sample
241114-vlsafsvmep
-
MD5
354125f74bf6ead1524646a2a042e721
-
SHA1
52f947c20843fa442f94cdcb49650369d27a96de
-
SHA256
9c8c8ac4777f6e405e3c0d2bb0e1bed5d1b2f76d20e1ade9e7c67b9e09df97f3
-
SHA512
36590d7ad1b0b747c644383879ce43c795b4a432b0ae9ea65c0fc045c06af802f0f71c2fc631e1a4519251135488e0c05fa21a289d26724528147b7ff7792af9
-
SSDEEP
6144:t34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:tIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
9c8c8ac4777f6e405e3c0d2bb0e1bed5d1b2f76d20e1ade9e7c67b9e09df97f3
-
Size
676KB
-
MD5
354125f74bf6ead1524646a2a042e721
-
SHA1
52f947c20843fa442f94cdcb49650369d27a96de
-
SHA256
9c8c8ac4777f6e405e3c0d2bb0e1bed5d1b2f76d20e1ade9e7c67b9e09df97f3
-
SHA512
36590d7ad1b0b747c644383879ce43c795b4a432b0ae9ea65c0fc045c06af802f0f71c2fc631e1a4519251135488e0c05fa21a289d26724528147b7ff7792af9
-
SSDEEP
6144:t34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:tIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-