General
-
Target
dbb8c4320769eaf82340cb69caecf8a2ed8e61c225f9698fc796d03b481f8a8d
-
Size
844KB
-
Sample
250220-kaej4s1kcj
-
MD5
7e9b64f247ce0fe8b3a3d9c5b0f97501
-
SHA1
a9a8921bbbd9dca72c7d2660bb4a5e5c9f936ac0
-
SHA256
dbb8c4320769eaf82340cb69caecf8a2ed8e61c225f9698fc796d03b481f8a8d
-
SHA512
2c4a2754ce2d1a0ca8b5f4d30766d471c0bb59864f241153f74d2b86b373ac3e5384b5edbd6f55548d8a764728687b8d077265c6318519ca7cedb5ebdac9bc72
-
SSDEEP
6144:xh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtoh:xh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p
Malware Config
Targets
-
-
Target
dbb8c4320769eaf82340cb69caecf8a2ed8e61c225f9698fc796d03b481f8a8d
-
Size
844KB
-
MD5
7e9b64f247ce0fe8b3a3d9c5b0f97501
-
SHA1
a9a8921bbbd9dca72c7d2660bb4a5e5c9f936ac0
-
SHA256
dbb8c4320769eaf82340cb69caecf8a2ed8e61c225f9698fc796d03b481f8a8d
-
SHA512
2c4a2754ce2d1a0ca8b5f4d30766d471c0bb59864f241153f74d2b86b373ac3e5384b5edbd6f55548d8a764728687b8d077265c6318519ca7cedb5ebdac9bc72
-
SSDEEP
6144:xh7RxJSC3VZLCEixjAoN6StM3LORFxz0Mn0G6oanXCW5DVQGVDmrvcJdR7OsDtoh:xh9fKxjNoYxTw9XrRK0dBOJpy0RXR8p
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader 'dmod' strings
Detects 'dmod' strings in Dridex loader.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-