General

  • Target

    7a54756b2dfa2c74fa035668b7aca7ab

  • Size

    1.7MB

  • Sample

    231222-jh5wlacdel

  • MD5

    7a54756b2dfa2c74fa035668b7aca7ab

  • SHA1

    5ae3b67428a03bcce432689c8736163a818b3f64

  • SHA256

    c33c2d90ea249d05ae011b8f67c148ae4f35ecbe97b4294a1e1a4f2665f20526

  • SHA512

    1b7f9d01a3721559be6a98cac1544fce65a23af1df9f5524a62eebfc1fe9a9618ecbba97677626e658db130deaf7184233982cc1283dc74793a7b91bfd926c65

  • SSDEEP

    12288:LVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1zRTV:KfP7fWsK5z9A+WGAW+V5SB6Ct4bnbzX

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks