General
-
Target
200540aecb9b1f65ed9b69f28236a68ab6ba148efba290abb76c89b133d93bf3
-
Size
612KB
-
Sample
250111-zx7azaskcj
-
MD5
9283fe253dbbb2e725040dada2126ab4
-
SHA1
26d5a954feaa4a772aa2c2c7845176359e7bc2b1
-
SHA256
200540aecb9b1f65ed9b69f28236a68ab6ba148efba290abb76c89b133d93bf3
-
SHA512
e4f236a4f1827e85f0923d6ec53c2b2a041db76cd548cdb9554c7d85bcc6681839d3548f5fa68e509c11705e5f9762f580e3f5dd89878ea8d8718581c2dd0b21
-
SSDEEP
6144:mh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtom:mh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p
Malware Config
Targets
-
-
Target
200540aecb9b1f65ed9b69f28236a68ab6ba148efba290abb76c89b133d93bf3
-
Size
612KB
-
MD5
9283fe253dbbb2e725040dada2126ab4
-
SHA1
26d5a954feaa4a772aa2c2c7845176359e7bc2b1
-
SHA256
200540aecb9b1f65ed9b69f28236a68ab6ba148efba290abb76c89b133d93bf3
-
SHA512
e4f236a4f1827e85f0923d6ec53c2b2a041db76cd548cdb9554c7d85bcc6681839d3548f5fa68e509c11705e5f9762f580e3f5dd89878ea8d8718581c2dd0b21
-
SSDEEP
6144:mh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtom:mh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-