General

  • Target

    Dridex

  • Size

    172KB

  • Sample

    210420-g7k1hnvble

  • MD5

    6e5654da58c03df6808466f0197207ed

  • SHA1

    594f33ad9d7f85625a88c24903243ba9788fba86

  • SHA256

    e30b76f9454a5fd3d11b5792ff93e56c52bf5dfba6ab375c3b96e17af562f5fc

  • SHA512

    6542a42528f11085376ba893615cd7b68b37e1c78427c678db658e6174ca8d0ac893b071aa55e8d3924a6a2235657322eadf025f10e26c4a0c9858e3c12eb264

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 1

Tasks