General
-
Target
3b8ccbf4ae592f02e2fbe743c82f523486fe5da1c6386edfce800ef4c4dd41f3
-
Size
672KB
-
Sample
241114-vp5pysvmgl
-
MD5
3aca1383a7540c9153c2064e5d66af1c
-
SHA1
c2afd47eb14d504194df17e550407989e34d91aa
-
SHA256
3b8ccbf4ae592f02e2fbe743c82f523486fe5da1c6386edfce800ef4c4dd41f3
-
SHA512
a513bc6cb4c62792ecc1a18e5927322535e9403c72b95b2181e1ef4aaaaf883e7cbcd19de0310dbc85dce93a53d2286cdf1272e2e5c9e6f3953d77542161dad7
-
SSDEEP
6144:934xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTh:9IKp/UWCZdCDh2IZDwAFRpR6AuXt
Malware Config
Targets
-
-
Target
3b8ccbf4ae592f02e2fbe743c82f523486fe5da1c6386edfce800ef4c4dd41f3
-
Size
672KB
-
MD5
3aca1383a7540c9153c2064e5d66af1c
-
SHA1
c2afd47eb14d504194df17e550407989e34d91aa
-
SHA256
3b8ccbf4ae592f02e2fbe743c82f523486fe5da1c6386edfce800ef4c4dd41f3
-
SHA512
a513bc6cb4c62792ecc1a18e5927322535e9403c72b95b2181e1ef4aaaaf883e7cbcd19de0310dbc85dce93a53d2286cdf1272e2e5c9e6f3953d77542161dad7
-
SSDEEP
6144:934xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTh:9IKp/UWCZdCDh2IZDwAFRpR6AuXt
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-