General

  • Target

    6b9c76d85dc266a32a8b818d5af1c5f0

  • Size

    1.7MB

  • Sample

    231222-fmenesfgck

  • MD5

    6b9c76d85dc266a32a8b818d5af1c5f0

  • SHA1

    25a30b885ec04ed862460fe92f2f1127b4f67765

  • SHA256

    816409948945a770ce6cc2b67a0f724506aa1a93f9b7b2f71f091a64618978ce

  • SHA512

    48ad12cecc3e43753b4c61a0e20ee1cb3f3a3d6012dd70fc0811f46fe9ae48921bc5431f10b7a0c4bf92f8690880d68059ab9303da919d2511f7b0d143b7a4d4

  • SSDEEP

    12288:xVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:AfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
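As an added example that is not part of the sandbox report: the Python below checks a local file against the four exact-match hash IOCs listed above, computing all digests in a single streaming pass so a large sample is read from disk only once. The hash values are copied from the report; the file path on the command line and the constructed bytes used to exercise the functions are assumptions. SSDEEP is a fuzzy (context-triggered piecewise) hash that needs the separate ssdeep library and expresses similarity rather than identity, so it is deliberately not part of the exact-match set.

```python
"""Check a local file against the hash IOCs in this report's General section.

Added example, not part of the sandbox report. All four digests are
computed in one streaming pass over the file.
"""
import hashlib
from pathlib import Path
from typing import Dict, Iterable, Set, Union

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Values copied from the report above.
REPORT_IOCS: Dict[str, str] = {
    "md5": "6b9c76d85dc266a32a8b818d5af1c5f0",
    "sha1": "25a30b885ec04ed862460fe92f2f1127b4f67765",
    "sha256": "816409948945a770ce6cc2b67a0f724506aa1a93f9b7b2f71f091a64618978ce",
    "sha512": "48ad12cecc3e43753b4c61a0e20ee1cb3f3a3d6012dd70fc0811f46fe9ae48921bc5431f10b7a0c4bf92f8690880d68059ab9303da919d2511f7b0d143b7a4d4",
}


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Return {algorithm: hexdigest} over the concatenation of chunks, read once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: Union[str, Path], chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through digest_chunks so the sample is never fully loaded."""
    def chunks():
        with open(path, "rb") as fh:
            while True:
                block = fh.read(chunk_size)
                if not block:
                    return
                yield block
    return digest_chunks(chunks())


def match_iocs(digests: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> Set[str]:
    """Names of the algorithms whose computed digest equals the IOC value.

    Comparison is case-insensitive because feeds publish hex in either case.
    """
    return {name for name, value in iocs.items()
            if name in digests and digests[name].lower() == value.lower()}


if __name__ == "__main__":
    import sys
    # Assumed usage: python check_hashes.py <path-to-suspect-file>
    computed = digest_file(sys.argv[1])
    matched = match_iocs(computed)
    for name in ALGORITHMS:
        flag = "MATCH" if name in matched else "no match"
        print(f"{name:7} {computed[name]}  {flag}")
    sys.exit(0 if matched else 1)
```

A match on SHA256 or SHA512 alone identifies the sample; MD5 and SHA1 are kept only for correlation with older threat-intel feeds, since both have practical collision attacks and should not be treated as identity on their own.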

Malware Config

Targets

    • Target

      6b9c76d85dc266a32a8b818d5af1c5f0


    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
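The four generic signatures above are behavioural rules evaluated over the API calls the sample made in the sandbox. The Python below is an added example, not Triage's or any vendor's signature code, showing one way such rules are derived from a call trace: files the sample writes are tracked, later CreateProcess/LoadLibrary calls on those paths fire the "dropped" signatures, a RegSetValueEx under a Run/RunOnce key fires the persistence signature, and a RegQueryValueEx of EnableLUA under the UAC policy key fires the UAC check. The trace format and every call line are constructed for illustration; the registry key paths and the EnableLUA value name are the real Windows locations for Run-key persistence and the UAC toggle, but whether a given sandbox keys its signature on exactly that query is an assumption.

```python
"""Re-derive the report's four generic behaviour signatures from an API trace.

Added example, not the sandbox's own signature code. The trace format
(one dict per call with 'api' and 'args') and SAMPLE_TRACE are constructed.
"""
import re
from typing import Dict, Iterable, List

# Registry locations the two registry-based signatures key on.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?(\\|$)", re.IGNORECASE)
UAC_POLICY_KEY_RE = re.compile(r"\\CurrentVersion\\Policies\\System$", re.IGNORECASE)
UAC_VALUE = "EnableLUA"  # DWORD 0 = UAC disabled, 1 = enabled

# Constructed trace: one dict per API call, in the order the sample made them.
SAMPLE_TRACE = [
    {"api": "WriteFile", "args": {"path": r"C:\Users\Public\update.exe"}},
    {"api": "WriteFile", "args": {"path": r"C:\Users\Public\helper.dll"}},
    {"api": "CreateProcessW", "args": {"path": r"C:\Users\Public\update.exe"}},
    {"api": "LoadLibraryW", "args": {"path": r"C:\Users\Public\helper.dll"}},
    {"api": "RegSetValueExW", "args": {
        "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
        "value": "Updater", "data": r"C:\Users\Public\update.exe"}},
    {"api": "RegQueryValueExW", "args": {
        "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
        "value": "EnableLUA"}},
    # Launching a pre-existing binary must not count as "executes dropped EXE".
    {"api": "CreateProcessW", "args": {"path": r"C:\Windows\explorer.exe"}},
]


def _norm(path: str) -> str:
    """Case-fold a Windows path so a dropped file matches however it is later referenced."""
    return path.replace("/", "\\").lower()


def run_signatures(trace: Iterable[dict]) -> Dict[str, List[str]]:
    """Evaluate the four generic signatures over an API trace.

    Returns {signature name: [evidence, ...]} for the signatures that fired.
    Dropped-file tracking is order-dependent: a path only counts as dropped
    once a prior WriteFile to it has been seen, so a trace that starts
    mid-execution can miss the "dropped" signatures.
    """
    dropped = set()
    hits: Dict[str, List[str]] = {}

    def fire(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for call in trace:
        api, args = call["api"], call["args"]
        if api == "WriteFile":
            dropped.add(_norm(args["path"]))
        elif api == "CreateProcessW" and _norm(args["path"]) in dropped:
            fire("Executes dropped EXE", args["path"])
        elif api == "LoadLibraryW" and _norm(args["path"]) in dropped:
            fire("Loads dropped DLL", args["path"])
        elif api == "RegSetValueExW" and RUN_KEY_RE.search(args["key"]):
            fire("Adds Run key to start application",
                 f'{args["key"]}\\{args["value"]} = {args.get("data", "")}')
        elif (api == "RegQueryValueExW"
              and UAC_POLICY_KEY_RE.search(args["key"])
              and args.get("value", "").lower() == UAC_VALUE.lower()):
            fire("Checks whether UAC is enabled", f'{args["key"]}\\{args["value"]}')
    return hits


if __name__ == "__main__":
    for name, evidence in run_signatures(SAMPLE_TRACE).items():
        print(f"[+] {name}")
        for line in evidence:
            print(f"      {line}")
```

The same four names carry very different weight: a Run key pointing at a file the sample itself wrote is strong evidence of persistence, while "Checks whether UAC is enabled" also fires for plenty of legitimate installers, which is why a report lists it under the target rather than as a detection by itself.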

MITRE ATT&CK Enterprise v15

Tasks