General
-
Target
1264bb47a1d1ec4d6fae193f1fcfefb46aa268090e88718a2f9f42b830cfb4d1
-
Size
656KB
-
Sample
250108-y24vzatqhm
-
MD5
1c8173fa2438ffec53246a0fa7a3eb64
-
SHA1
82ea924767787f06c73ee345853f05d1a6b55b1f
-
SHA256
1264bb47a1d1ec4d6fae193f1fcfefb46aa268090e88718a2f9f42b830cfb4d1
-
SHA512
5f8ef3e4c4f3c61c7acd192c769beccd7890e54d1b923ea0d574a59ce0732a48f6f0fab4d869bdde84621ee5d217afa67fc4da697b9163996951577d771b7b47
-
SSDEEP
6144:og12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:o82AK5HOEksJ1YW7DwzqyQ
Malware Config
Targets
-
-
Target
1264bb47a1d1ec4d6fae193f1fcfefb46aa268090e88718a2f9f42b830cfb4d1
-
Size
656KB
-
MD5
1c8173fa2438ffec53246a0fa7a3eb64
-
SHA1
82ea924767787f06c73ee345853f05d1a6b55b1f
-
SHA256
1264bb47a1d1ec4d6fae193f1fcfefb46aa268090e88718a2f9f42b830cfb4d1
-
SHA512
5f8ef3e4c4f3c61c7acd192c769beccd7890e54d1b923ea0d574a59ce0732a48f6f0fab4d869bdde84621ee5d217afa67fc4da697b9163996951577d771b7b47
-
SSDEEP
6144:og12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:o82AK5HOEksJ1YW7DwzqyQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-