General

  • Target

    72919cad2f92d63aeafa89d2ce62ff75

  • Size

    2.1MB

  • Sample

    231222-gfjt8shhaq

  • MD5

    72919cad2f92d63aeafa89d2ce62ff75

  • SHA1

    d0a9b983e08f82201af93af7772e6990eea339f8

  • SHA256

    8858d8a49dca0439e56a9243afbbf3baeccfb9e64a5f695ce34b0316af944dae

  • SHA512

    e8316cdce35575e6455477c7494863b8875037cded39338dc49fc555eac2629488259c47696091a26acdbf3ceedba242624df3076ff87b1286fdf2a9de635b02

  • SSDEEP

    12288:WVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1ft:LfP7fWsK5z9A+WGAW+V5SB6Ct4bnbft

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks