General
-
Target
bfb5ca4c1ae40906ff8d9e2fa8c7701fca7eda5e1813e779318c86a2092aa946.exe
-
Size
816KB
-
Sample
250101-xpqbda1mgp
-
MD5
d789930de545c583c559a0e356c35191
-
SHA1
108ec6f42c132407626209a60a4731d7c87c7673
-
SHA256
bfb5ca4c1ae40906ff8d9e2fa8c7701fca7eda5e1813e779318c86a2092aa946
-
SHA512
ab6026859720b51a097d49221176c7e2721d5962d7a41e0c986bbab16eff140ad2314228d4f5ba0118672d8b33644265c47a7ceb29b3228361e603723668f122
-
SSDEEP
6144:zh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtoV:zh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p2
Malware Config
Targets
-
-
Target
bfb5ca4c1ae40906ff8d9e2fa8c7701fca7eda5e1813e779318c86a2092aa946.exe
-
Size
816KB
-
MD5
d789930de545c583c559a0e356c35191
-
SHA1
108ec6f42c132407626209a60a4731d7c87c7673
-
SHA256
bfb5ca4c1ae40906ff8d9e2fa8c7701fca7eda5e1813e779318c86a2092aa946
-
SHA512
ab6026859720b51a097d49221176c7e2721d5962d7a41e0c986bbab16eff140ad2314228d4f5ba0118672d8b33644265c47a7ceb29b3228361e603723668f122
-
SSDEEP
6144:zh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtoV:zh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p2
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-