General
-
Target
a81c99d3529a32af2bdd97c4c24659af3e16c01a55078683fb578b13affb877b
-
Size
648KB
-
Sample
250115-gxk4mavqam
-
MD5
d3d28670bf264cb9fdbbba97fe3aa170
-
SHA1
645444307957053737dc887e17450cf262b61993
-
SHA256
a81c99d3529a32af2bdd97c4c24659af3e16c01a55078683fb578b13affb877b
-
SHA512
940e6a3a79ec6842ed7491e816cceda79ef85c256cef7cca8ddecf1431921d3ae35ee3da66ea8f5f12cf1151fccb5b7c9b5e62c32c1c649a0056e253af9e7886
-
SSDEEP
6144:2g12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:282AK5HOEksJ1YW7DwzqyQ
Malware Config
Targets
-
-
Target
a81c99d3529a32af2bdd97c4c24659af3e16c01a55078683fb578b13affb877b
-
Size
648KB
-
MD5
d3d28670bf264cb9fdbbba97fe3aa170
-
SHA1
645444307957053737dc887e17450cf262b61993
-
SHA256
a81c99d3529a32af2bdd97c4c24659af3e16c01a55078683fb578b13affb877b
-
SHA512
940e6a3a79ec6842ed7491e816cceda79ef85c256cef7cca8ddecf1431921d3ae35ee3da66ea8f5f12cf1151fccb5b7c9b5e62c32c1c649a0056e253af9e7886
-
SSDEEP
6144:2g12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:282AK5HOEksJ1YW7DwzqyQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-