General
-
Target
038dc6917559c1f3fdf9357647b1d4a826974e9130e318e832cded27f4043fc8N.exe
-
Size
648KB
-
Sample
241220-cdb96awmdw
-
MD5
1ba89f00657ff50fa0d0a5be0d904f80
-
SHA1
d3299ae646f85c3147a90fa8ea89ebf18cfe863a
-
SHA256
038dc6917559c1f3fdf9357647b1d4a826974e9130e318e832cded27f4043fc8
-
SHA512
949d96e79a8b5bc2c95b83444bd0870ae95497bfe7e78b9b78857e3e8a10d177cb945e3338c415c252d4670dc97725e4895532d848490ef305289e85352c5247
-
SSDEEP
6144:Cg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:C82AK5HOEksJ1YW7DwzqyQ
Malware Config
Targets
-
-
Target
038dc6917559c1f3fdf9357647b1d4a826974e9130e318e832cded27f4043fc8N.exe
-
Size
648KB
-
MD5
1ba89f00657ff50fa0d0a5be0d904f80
-
SHA1
d3299ae646f85c3147a90fa8ea89ebf18cfe863a
-
SHA256
038dc6917559c1f3fdf9357647b1d4a826974e9130e318e832cded27f4043fc8
-
SHA512
949d96e79a8b5bc2c95b83444bd0870ae95497bfe7e78b9b78857e3e8a10d177cb945e3338c415c252d4670dc97725e4895532d848490ef305289e85352c5247
-
SSDEEP
6144:Cg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:C82AK5HOEksJ1YW7DwzqyQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-