General

  • Target

    682fa892384ddb1e48c8591f8a216b58

  • Size

    1.9MB

  • Sample

    231222-fgtv6aegal

  • MD5

    682fa892384ddb1e48c8591f8a216b58

  • SHA1

    17cb3b62d1f8e2a58adc3448796ee5b89fc8206e

  • SHA256

    a1f83f0bc32bc5a38d159d90224440e87d7f2e83eb115a7f291c3bc85f758463

  • SHA512

    182454c02310e9c1ead39250f273d1a56953368f016f399cca14b0562527f7f3d839767e8308a9acc381eba03644783444c27f27327fe670f220b4e5d216bab3

  • SSDEEP

    12288:ZVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:YfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a family of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks