General
-
Target
39c3ba8e5a0aaf8719fa57d866f02bb2dfae2474a42b6ae346af16a73f92c2be
-
Size
672KB
-
Sample
241114-vp4sna1gkb
-
MD5
83907ddf64aa95e7da9c6e9758b2610c
-
SHA1
8c096240c45f1b4c05d8e07a1b5df38615e54aaf
-
SHA256
39c3ba8e5a0aaf8719fa57d866f02bb2dfae2474a42b6ae346af16a73f92c2be
-
SHA512
6d7bab6de77969b6f01fa03a95dbf371a0ec03ba0709a4118a71550b126aa7eb1cd55c161a8f898a131da9a10c79730f52c3950073a32d0157c5eea3e9c92688
-
SSDEEP
6144:E34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:EIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
39c3ba8e5a0aaf8719fa57d866f02bb2dfae2474a42b6ae346af16a73f92c2be
-
Size
672KB
-
MD5
83907ddf64aa95e7da9c6e9758b2610c
-
SHA1
8c096240c45f1b4c05d8e07a1b5df38615e54aaf
-
SHA256
39c3ba8e5a0aaf8719fa57d866f02bb2dfae2474a42b6ae346af16a73f92c2be
-
SHA512
6d7bab6de77969b6f01fa03a95dbf371a0ec03ba0709a4118a71550b126aa7eb1cd55c161a8f898a131da9a10c79730f52c3950073a32d0157c5eea3e9c92688
-
SSDEEP
6144:E34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:EIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1