General
-
Target
534d2ed9bae64039fe0e0f0fa0b51caf808d603f70d0e34c54dbb9a018801739
-
Size
676KB
-
Sample
241114-vnbqgsvmfm
-
MD5
fe55563a35f75a22d84ca5916747d82c
-
SHA1
39b3b39299ef909314d2edc5c8808b7d495c8b0e
-
SHA256
534d2ed9bae64039fe0e0f0fa0b51caf808d603f70d0e34c54dbb9a018801739
-
SHA512
5e74de0700fae017bbfa89b8636ba4c6c9b09e46660c56fc2502777aaea32ec98f405863bf5ec656b2282c14638864b8006853f5c711719f2d98dac6bb341ba1
-
SSDEEP
6144:I34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:IIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
534d2ed9bae64039fe0e0f0fa0b51caf808d603f70d0e34c54dbb9a018801739
-
Size
676KB
-
MD5
fe55563a35f75a22d84ca5916747d82c
-
SHA1
39b3b39299ef909314d2edc5c8808b7d495c8b0e
-
SHA256
534d2ed9bae64039fe0e0f0fa0b51caf808d603f70d0e34c54dbb9a018801739
-
SHA512
5e74de0700fae017bbfa89b8636ba4c6c9b09e46660c56fc2502777aaea32ec98f405863bf5ec656b2282c14638864b8006853f5c711719f2d98dac6bb341ba1
-
SSDEEP
6144:I34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:IIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1