General

  • Target

    70436d299c5851344501f4d8a28cd860

  • Size

    3.8MB

  • Sample

    231222-fxj1wshbbq

  • MD5

    70436d299c5851344501f4d8a28cd860

  • SHA1

    ee5bbe0c9c08d1e5d91bdec4b7d94715aeb7a5ba

  • SHA256

    b2eee824d397c149b01332b61c38f58def434efd036f5c1cdf20151f4a3e9de3

  • SHA512

    554d86cc4499f1797578042cdac0d019267a924ff7d85aa7edda74fda5e58759f59001c0eaa6a1d3f8e9f7fdc8039610cbb38aa968cad983530df2420603a22f

  • SSDEEP

    12288:vVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ15K:GfP7fWsK5z9A+WGAW+V5SB6Ct4bnb5K

Malware Config

Targets

    • Target

      70436d299c5851344501f4d8a28cd860

    • Size

      3.8MB

    • MD5

      70436d299c5851344501f4d8a28cd860

    • SHA1

      ee5bbe0c9c08d1e5d91bdec4b7d94715aeb7a5ba

    • SHA256

      b2eee824d397c149b01332b61c38f58def434efd036f5c1cdf20151f4a3e9de3

    • SHA512

      554d86cc4499f1797578042cdac0d019267a924ff7d85aa7edda74fda5e58759f59001c0eaa6a1d3f8e9f7fdc8039610cbb38aa968cad983530df2420603a22f

    • SSDEEP

      12288:vVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ15K:GfP7fWsK5z9A+WGAW+V5SB6Ct4bnb5K

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks