General
-
Target
820df3bc59113bc26f64a48e5abff18c726ad87c90e734359ae8385f50f6a00aN.exe
-
Size
604KB
-
Sample
250116-gmzh9svqe1
-
MD5
4e0d5d67660b6575dfeb0438f9f1ab50
-
SHA1
fe89fea622dfc563ccd9dec6762e60aa78e3d173
-
SHA256
820df3bc59113bc26f64a48e5abff18c726ad87c90e734359ae8385f50f6a00a
-
SHA512
ceade77311038f30b1bf31508cc9d7369146049162da5286244e16706a72230ba7e6545940ef95ec3fa748da9840fa8bb68c72e169d851464ee58be7ef7a513d
-
SSDEEP
6144:bg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:b82AK5HOEksJ1YW7DwzqyQ
Malware Config
Targets
-
-
Target
820df3bc59113bc26f64a48e5abff18c726ad87c90e734359ae8385f50f6a00aN.exe
-
Size
604KB
-
MD5
4e0d5d67660b6575dfeb0438f9f1ab50
-
SHA1
fe89fea622dfc563ccd9dec6762e60aa78e3d173
-
SHA256
820df3bc59113bc26f64a48e5abff18c726ad87c90e734359ae8385f50f6a00a
-
SHA512
ceade77311038f30b1bf31508cc9d7369146049162da5286244e16706a72230ba7e6545940ef95ec3fa748da9840fa8bb68c72e169d851464ee58be7ef7a513d
-
SSDEEP
6144:bg12AzW5HsiScvtNybiR8g0ISTFCRVe9/JE+++sKS1JGWWsca65eu9K2zqc4CWAZ:b82AK5HOEksJ1YW7DwzqyQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-