General

  • Target

    6233b6e1607d71c1e132dcb98195319f

  • Size

    1.7MB

  • Sample

    231222-ewxpxschhj

  • MD5

    6233b6e1607d71c1e132dcb98195319f

  • SHA1

    78cd29859c7f0425e0284f01d3bf20a1402d1c59

  • SHA256

    943cc2e3570ce9f471d86887aa47a268f6a8060c035ed143123e2d7d5fd1257b

  • SHA512

    915fc5e97ba70f86bee237d48d74597cecd2075289d640360993603d21decc657032289fcd7ac328a2585f78a48fbd3ad594632e5d3635c915c2a8093444c6cd

  • SSDEEP

    12288:kVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:BfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
