General
-
Target
d90d50c0a27b624b69279e6b7e77f2f4d40bb045c42239a314ebf604444ba26f
-
Size
616KB
-
Sample
250113-hze6tsvjbk
-
MD5
77fb4fb4f00a4351f4d192f08df9b35d
-
SHA1
143899c9230c071cca561036168d317eac8d5eb5
-
SHA256
d90d50c0a27b624b69279e6b7e77f2f4d40bb045c42239a314ebf604444ba26f
-
SHA512
db45c5023c5f742e8f695e59c9d69c5c5457dda1d43d6f4147e749d94d4dcfbd80269e256d35fea3fe46e4ab51430f176eaf92fc51a1664e21325339b00d3338
-
SSDEEP
6144:Yg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAS:Y82AK5HOEksJ1YW7DwzqyQ
Malware Config
Targets
-
-
Target
d90d50c0a27b624b69279e6b7e77f2f4d40bb045c42239a314ebf604444ba26f
-
Size
616KB
-
MD5
77fb4fb4f00a4351f4d192f08df9b35d
-
SHA1
143899c9230c071cca561036168d317eac8d5eb5
-
SHA256
d90d50c0a27b624b69279e6b7e77f2f4d40bb045c42239a314ebf604444ba26f
-
SHA512
db45c5023c5f742e8f695e59c9d69c5c5457dda1d43d6f4147e749d94d4dcfbd80269e256d35fea3fe46e4ab51430f176eaf92fc51a1664e21325339b00d3338
-
SSDEEP
6144:Yg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAS:Y82AK5HOEksJ1YW7DwzqyQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-