General

  • Target

    64146539867c84d0826066a7c7bfcc0d

  • Size

    2.3MB

  • Sample

    231222-e3x92adebk

  • MD5

    64146539867c84d0826066a7c7bfcc0d

  • SHA1

    f5d9745742e3e7e89085b34caf7cfe6e3c901a99

  • SHA256

    5039eb3d287b59060b800fe842579c2a84d133d0f1b5a761303bde01697f2312

  • SHA512

    5069e08ea7ad97f0158d6dcc5c331563ad309a2ba70cc93b05eaf885d41d81ebfc028d529c1659956a4e1e438b59c41d0f87fd68043318c317c5e44e284dc4ac

  • SSDEEP

    12288:/VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1RMf0f:2fP7fWsK5z9A+WGAW+V5SB6Ct4bnb6
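Before acting on a report like this, a practitioner re-hashes the file they actually hold and checks it against the published digests, because a different build or a re-packed copy will match the name but not the hashes. The following is an added example (not part of the sandbox report): it streams a file once through all four digest algorithms listed above, compares the result with the report's values, and returns per-algorithm match flags. The expected hashes are copied from the report; the file path and the constructed byte string are placeholders.

```python
"""Verify a local file against the digests published in the report.

Added example, not the sandbox's own code. REPORT_HASHES is copied from the
report's General section; everything else here is illustrative.
"""
import hashlib
import io

# Digests as listed in the report for sample 231222-e3x92adebk.
REPORT_HASHES = {
    "md5": "64146539867c84d0826066a7c7bfcc0d",
    "sha1": "f5d9745742e3e7e89085b34caf7cfe6e3c901a99",
    "sha256": "5039eb3d287b59060b800fe842579c2a84d133d0f1b5a761303bde01697f2312",
    "sha512": "5069e08ea7ad97f0158d6dcc5c331563ad309a2ba70cc93b05eaf885d41d81eb"
              "fc028d529c1659956a4e1e438b59c41d0f87fd68043318c317c5e44e284dc4ac",
}

CHUNK = 1 << 20  # 1 MiB reads keep memory flat on multi-megabyte samples


def digest_stream(fh) -> dict:
    """Read the stream once and feed every chunk to all four hashers."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for block in iter(lambda: fh.read(CHUNK), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> dict:
    """Convenience wrapper for in-memory data."""
    return digest_stream(io.BytesIO(data))


def digest_file(path: str) -> dict:
    """Hash a file on disk (path is an assumption; supply your own)."""
    with open(path, "rb") as fh:
        return digest_stream(fh)


def compare(actual: dict, expected: dict = REPORT_HASHES) -> dict:
    """Return {algorithm: bool}; hex digests are compared case-insensitively."""
    return {name: actual[name].lower() == expected[name].lower() for name in expected}


def matches_report(data: bytes) -> bool:
    """True only if every published digest matches the given bytes."""
    return all(compare(digest_bytes(data)).values())


if __name__ == "__main__":
    # Constructed placeholder bytes, not the real sample: every flag is False.
    for algo, ok in compare(digest_bytes(b"placeholder bytes")).items():
        print(f"{algo:6} {'match' if ok else 'MISMATCH'}")
```

The SSDEEP value is not covered here because Python's standard library has no fuzzy-hash implementation; use the `ssdeep` command-line tool (for example `ssdeep -m hashes.txt sample.bin`) when you need similarity matching against a re-packed variant rather than an exact digest.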

Targets

    • Target

      64146539867c84d0826066a7c7bfcc0d

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects the Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

      The sample writes an executable to disk and launches it.

    • Loads dropped DLL

      The sample writes a DLL to disk and loads it into a process.

    • Adds Run key to start application

      The sample writes a value under a CurrentVersion\Run registry key so that the application starts at logon (registry run-key persistence).

    • Checks whether UAC is enabled

      The sample queries the User Account Control policy settings in the registry before deciding how to proceed.
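
The last two signatures are registry behaviours that a detection engineer can flag from registry-event telemetry without needing the Dridex-specific shellcode rule. The following is an added example, not part of the report or of any sandbox: it classifies a constructed list of registry events into run-key persistence writes and UAC policy queries. The tuple shape of the events and the process names are assumptions for illustration; real telemetry (Sysmon registry events, an EDR feed) would need its own field mapping.

```python
"""Flag run-key persistence and UAC checks in registry events.

Added example with constructed input. The (process, operation, path, data)
tuple is an assumed event shape, not a real sandbox or Sysmon schema.
"""
import re

# Writes under ...\CurrentVersion\Run or RunOnce start a program at logon
# (ATT&CK T1547.001, Registry Run Keys / Startup Folder).
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)

# Reads of these values reveal whether UAC is on and how it prompts.
UAC_VALUE = re.compile(
    r"\\Policies\\System\\(EnableLUA|ConsentPromptBehaviorAdmin)$", re.IGNORECASE
)

# Constructed events, not captured from the sample.
EVENTS = [
    ("explorer.exe", "query",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA", None),
    ("rundll32.exe", "set",
     r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
     r"C:\Users\victim\AppData\Roaming\update.exe"),
    ("svchost.exe", "query",
     r"HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer", None),
    ("explorer.exe", "set",
     r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", "1"),
]


def classify(event):
    """Return a finding tag for the event, or None if it is uninteresting."""
    process, operation, path, data = event
    if operation == "set" and RUN_KEY.search(path):
        return "persistence:run_key"
    if operation == "query" and UAC_VALUE.search(path):
        return "discovery:uac_check"
    return None


def findings(events):
    """Collect (process, tag, path) for every event that classify() flags."""
    out = []
    for event in events:
        tag = classify(event)
        if tag:
            out.append((event[0], tag, event[2]))
    return out


if __name__ == "__main__":
    for process, tag, path in findings(EVENTS):
        print(f"{tag:22} {process:14} {path}")
```

A write to a Run key by an unsigned binary living under a user's AppData directory, as in the constructed second event, is the combination worth alerting on; the UAC query on its own is low-signal, since legitimate installers do the same, and is best used as corroborating context.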

MITRE ATT&CK Enterprise v15