General
-
Target
69c455745647cfb7a255bb03b8a4279b64be1e542bc8c540c180b2884b8d858a
-
Size
672KB
-
Sample
241114-vnk9xs1kb1
-
MD5
9b616d2c751b6b29a1c2a529a49daba4
-
SHA1
46341d4ab5707193e9e53ffc140a42a61b6629a4
-
SHA256
69c455745647cfb7a255bb03b8a4279b64be1e542bc8c540c180b2884b8d858a
-
SHA512
ac1e27da3fc0d5541382425232677e832896c6d3b8fa089db4799bad3a0383a1eb1e737f9b1f34213d30bdd842e1ef335599d4ff07c2b40f8f490e035c858f05
-
SSDEEP
6144:I34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:IIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
69c455745647cfb7a255bb03b8a4279b64be1e542bc8c540c180b2884b8d858a
-
Size
672KB
-
MD5
9b616d2c751b6b29a1c2a529a49daba4
-
SHA1
46341d4ab5707193e9e53ffc140a42a61b6629a4
-
SHA256
69c455745647cfb7a255bb03b8a4279b64be1e542bc8c540c180b2884b8d858a
-
SHA512
ac1e27da3fc0d5541382425232677e832896c6d3b8fa089db4799bad3a0383a1eb1e737f9b1f34213d30bdd842e1ef335599d4ff07c2b40f8f490e035c858f05
-
SSDEEP
6144:I34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:IIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-