General

  • Target

    6e92b2e4da82ed11094c1c2fa2a6a3e5

  • Size

    1.7MB

  • Sample

    231222-fqneqsgefk

  • MD5

    6e92b2e4da82ed11094c1c2fa2a6a3e5

  • SHA1

    64a01f6cd1c5cc04bebe9ae71335f20b65ae1737

  • SHA256

    ce185c87348395f37cbc968222fc44fb33553c0a646043a736b5b525850337dc

  • SHA512

    fcfee1829f86b7a5223c6521b17472ab8e8ac0b1c786f28d6ce9a9cfcd44da6058a223113860de394d5c980f18611091f0f3d471f33b1725115c7459bd135ce0

  • SSDEEP

    12288:cVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ15t:pfP7fWsK5z9A+WGAW+V5SB6Ct4bnb5t

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks