General

  • Target

    6b9c755c255790fe730a79f91d7c402c

  • Size

    1.5MB

  • Sample

    231222-fmecnafgcj

  • MD5

    6b9c755c255790fe730a79f91d7c402c

  • SHA1

    73760a58655154806b12dfb60803d04c854c756e

  • SHA256

    31e6e50cbe1bc26b1f05c8eee6da025cd61f7375f9a124d771f370e60008f5b8

  • SHA512

    7651533caa50152141fa6d3293e93b127b3d6bdc48203f43182e421ffd75f96a7ee4f65459064eca05d454fd9a86b17a0b175624e511d4f01a85ceddb1257762

  • SSDEEP

    12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb
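Before working on a local copy of this sample, confirm it really is the file the report describes. The script below is an added example (not part of the sandbox report or the Triage tooling): it recomputes the four digests the report lists, streaming the file so a 1.5 MB sample is not read into memory at once, and reports which of them agree. The IOC values are copied from the General section above; the default path `sample.bin` is an assumed local filename.

```python
"""Added example: recompute MD5/SHA1/SHA256/SHA512 of a local file and
compare them with the digests listed in the report above."""
import hashlib
import sys
from typing import Dict, Set

# Digests copied from the report's General section (keys are hashlib algorithm names).
REPORT_IOCS: Dict[str, str] = {
    "md5": "6b9c755c255790fe730a79f91d7c402c",
    "sha1": "73760a58655154806b12dfb60803d04c854c756e",
    "sha256": "31e6e50cbe1bc26b1f05c8eee6da025cd61f7375f9a124d771f370e60008f5b8",
    "sha512": "7651533caa50152141fa6d3293e93b127b3d6bdc48203f43182e421ffd75f96a7ee4f65459064eca05d454fd9a86b17a0b175624e511d4f01a85ceddb1257762",
}


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Lower-case hex digests of an in-memory byte string, one per algorithm in REPORT_IOCS."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_IOCS}


def compute_file_hashes(path: str, chunk: int = 1 << 20) -> Dict[str, str]:
    """Same digests as compute_hashes, but streamed from disk in 1 MiB chunks."""
    hashers = {name: hashlib.new(name) for name in REPORT_IOCS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(hashes: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> Set[str]:
    """Names of the digests that agree with the report (comparison is case-insensitive)."""
    return {name for name, value in iocs.items()
            if hashes.get(name, "").lower() == value.lower()}


def is_report_sample(hashes: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> bool:
    """True only when every digest matches; a partial match means a different file (or a collision)."""
    return match_iocs(hashes, iocs) == set(iocs)


if __name__ == "__main__":
    # Assumed local filename; pass the real path as the first argument.
    path = sys.argv[1] if len(sys.argv) > 1 else "sample.bin"
    digests = compute_file_hashes(path)
    print("match" if is_report_sample(digests) else "MISMATCH", sorted(match_iocs(digests)))
```

Only a full match across all four algorithms should be treated as confirmation; a single agreeing digest with the others differing points at the wrong file rather than at the report's sample.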

Targets

    • Target

      6b9c755c255790fe730a79f91d7c402c

    • Size

      1.5MB

    • MD5

      6b9c755c255790fe730a79f91d7c402c

    • SHA1

      73760a58655154806b12dfb60803d04c854c756e

    • SHA256

      31e6e50cbe1bc26b1f05c8eee6da025cd61f7375f9a124d771f370e60008f5b8

    • SHA512

      7651533caa50152141fa6d3293e93b127b3d6bdc48203f43182e421ffd75f96a7ee4f65459064eca05d454fd9a86b17a0b175624e511d4f01a85ceddb1257762

    • SSDEEP

      12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
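The four behavioural signatures above are the kind a sandbox raises from the sample's API calls. The script below is an added example, not code from the report or from Hatching Triage: it replays a small constructed API trace (the `pid|api|arg1|arg2` line format, the paths and the PIDs are all invented for this example) and fires the same four signatures, so the logic behind each one is visible. The "dropped" signatures depend on ordering: a file must be seen written by the sample before a later CreateProcess or LoadLibrary of it counts as executing or loading a dropped file.

```python
"""Added example: derive the report's behavioural signatures from a
constructed sandbox-style API trace."""
from typing import Dict, List, Set

# Constructed trace approximating what this sample does; not real sandbox output.
TRACE = """\
1234|CreateFileW|C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe|GENERIC_WRITE
1234|CreateFileW|C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll|GENERIC_WRITE
1234|RegQueryValueExW|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System|EnableLUA
1234|RegSetValueExW|HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|Updater
1234|CreateProcessW|C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe|
5678|LoadLibraryW|C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll|
5678|LoadLibraryW|C:\\Windows\\System32\\kernel32.dll|
"""

# Autostart keys under either hive (MITRE ATT&CK T1547.001, Registry Run Keys).
RUN_KEYS = (
    "\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce",
)


def parse_trace(text: str) -> List[Dict[str, str]]:
    """Split pid|api|arg1|arg2 lines into event dicts; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, api, arg1, arg2 = line.split("|", 3)
        events.append({"pid": pid, "api": api, "arg1": arg1, "arg2": arg2})
    return events


def match_signatures(events: List[Dict[str, str]]) -> Set[str]:
    """Return the names of the report's signatures that the trace triggers."""
    fired: Set[str] = set()
    dropped: Set[str] = set()  # lower-cased paths the sample has written so far
    for ev in events:
        api, arg1, arg2 = ev["api"], ev["arg1"], ev["arg2"]
        key = arg1.lower()
        if api.startswith("CreateFile") and "GENERIC_WRITE" in arg2:
            dropped.add(key)                      # remember what the sample wrote
        elif api.startswith("CreateProcess") and key in dropped:
            fired.add("Executes dropped EXE")     # runs a file it wrote itself
        elif api.startswith("LoadLibrary") and key in dropped:
            fired.add("Loads dropped DLL")        # loads a DLL it wrote itself
        elif api.startswith("RegSetValueEx") and any(key.endswith(r.lower()) for r in RUN_KEYS):
            fired.add("Adds Run key to start application")
        elif (api.startswith("RegQueryValueEx")
              and arg2.lower() == "enablelua"
              and key.endswith("\\policies\\system")):
            fired.add("Checks whether UAC is enabled")
    return fired


if __name__ == "__main__":
    for name in sorted(match_signatures(parse_trace(TRACE))):
        print("[+]", name)
```

The dropped-file set is shared across processes on purpose: the DLL is written by PID 1234 but loaded by its child 5678, which is the pattern a dropper produces. Reading `EnableLUA` is a query, not a write, so host-based registry auditing (which records modifications) will not show it; the sandbox sees it only because it hooks the API.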

MITRE ATT&CK Enterprise v15