General
-
Target
0d164485fdd6b55434645eaf01fe91ba530450d5c7e1783f355a236b82988d06
-
Size
676KB
-
Sample
241114-vp83da1gkc
-
MD5
e30eba0e3eff7fbe220428e0f92d3bc5
-
SHA1
41eef42dffcc4dc1c5877cbbeb57d23a3653f8d8
-
SHA256
0d164485fdd6b55434645eaf01fe91ba530450d5c7e1783f355a236b82988d06
-
SHA512
68e3d5beb81e94b252fba94c2419fc0dd5bb25289ee1f4839205a49323a8592612bdfebec2065391d74b08f8f2887dccf5b5d7276f800a441de2b66f38e34a5b
-
SSDEEP
6144:h34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:hIKp/UWCZdCDh2IZDwAFRpR6Au
Malware Config
Targets
-
-
Target
0d164485fdd6b55434645eaf01fe91ba530450d5c7e1783f355a236b82988d06
-
Size
676KB
-
MD5
e30eba0e3eff7fbe220428e0f92d3bc5
-
SHA1
41eef42dffcc4dc1c5877cbbeb57d23a3653f8d8
-
SHA256
0d164485fdd6b55434645eaf01fe91ba530450d5c7e1783f355a236b82988d06
-
SHA512
68e3d5beb81e94b252fba94c2419fc0dd5bb25289ee1f4839205a49323a8592612bdfebec2065391d74b08f8f2887dccf5b5d7276f800a441de2b66f38e34a5b
-
SSDEEP
6144:h34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:hIKp/UWCZdCDh2IZDwAFRpR6Au
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Dridex payload
Detects Dridex x64 core DLL in memory.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-