General

  • Target

    81187b3b268216d2b430a113e669a3b7

  • Size

    1.6MB

  • Sample

    231222-lc9zgaefam

  • MD5

    81187b3b268216d2b430a113e669a3b7

  • SHA1

    3206b27fbf140335f4cf0890400fd0c94f290dbb

  • SHA256

    5c962c76ca5b8459a2b49e29bd793190d8fb32acc50e6ce1a2006ad48a8f17ed

  • SHA512

    b18047bc42412a511fc5aa0a9c42415835846f4fc00db1967ea88b714e1289c254b90de4b9cd821589f0c87b36aeed3ece91fecc3269beeb379a08f10b6e18e6

  • SSDEEP

    12288:HVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ufP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      81187b3b268216d2b430a113e669a3b7

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
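
The four behaviour signatures above are the kind a sandbox derives from the sample's API-call trace rather than from static scanning. The script below is an added example, not part of this report and not the sandbox's own rule set: it reconstructs simplified versions of those four signatures over a constructed trace. The trace lines, the `pid=`/`api=`/`path=`/`key=` field format and every file path in them are invented for illustration; the Dridex Shellcode signature is a memory-pattern match and is deliberately not reproduced here.

```python
"""Derive sandbox-style behaviour signatures from an API-call trace.

Added example: the trace below is constructed for illustration, the line
format is assumed (not any real sandbox's output), and the signature logic
is a simplified reconstruction of what such sandboxes report.
"""
import re
from collections import defaultdict

# Constructed trace: one API call per line, hypothetical paths, single pid.
TRACE = r"""
pid=1234 api=CreateFileW path=C:\Users\victim\AppData\Local\Temp\up.dll access=GENERIC_WRITE
pid=1234 api=WriteFile path=C:\Users\victim\AppData\Local\Temp\up.dll size=98304
pid=1234 api=CreateFileW path=C:\Users\victim\AppData\Roaming\svc.exe access=GENERIC_WRITE
pid=1234 api=WriteFile path=C:\Users\victim\AppData\Roaming\svc.exe size=524288
pid=1234 api=RegQueryValueExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System value=EnableLUA
pid=1234 api=LoadLibraryW path=C:\Users\victim\AppData\Local\Temp\up.dll
pid=1234 api=RegSetValueExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run value=svc data=C:\Users\victim\AppData\Roaming\svc.exe
pid=1234 api=CreateProcessW path=C:\Users\victim\AppData\Roaming\svc.exe
pid=1234 api=LoadLibraryW path=C:\Windows\System32\kernel32.dll
"""

# key=value tokens; values may not contain spaces in this constructed format.
FIELD_RE = re.compile(r"(\w+)=(\S+)")

# Autostart keys: ...\CurrentVersion\Run and \RunOnce (any hive, any case).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)$", re.IGNORECASE)


def parse_trace(text):
    """Turn the trace text into a list of dicts, one per API call."""
    return [dict(FIELD_RE.findall(line))
            for line in text.splitlines() if line.strip()]


def is_uac_query(call):
    """True for a read of HKLM\\...\\Policies\\System\\EnableLUA (UAC on/off)."""
    key = call.get("key", "").lower()
    return (key.endswith(r"\policies\system")
            and call.get("value", "").lower() == "enablelua")


def behaviour_signatures(calls):
    """Map signature name -> list of evidence strings found in the trace.

    'Dropped' means the traced process wrote the file itself earlier in the
    trace; only executing/loading such files counts, so loading kernel32.dll
    from System32 does not fire 'Loads dropped DLL'.
    """
    dropped = set()          # lower-cased paths this process wrote to disk
    hits = defaultdict(list)
    for c in calls:
        api = c.get("api", "")
        path = c.get("path", "").lower()
        if api == "WriteFile" and path:
            dropped.add(path)
        elif api.startswith("CreateProcess") and path in dropped:
            hits["Executes dropped EXE"].append(c["path"])
        elif api.startswith("LoadLibrary") and path in dropped:
            hits["Loads dropped DLL"].append(c["path"])
        elif api.startswith("RegSetValueEx") and RUN_KEY_RE.search(c.get("key", "")):
            hits["Adds Run key to start application"].append(
                c["key"] + "\\" + c.get("value", "") + " = " + c.get("data", ""))
        elif api.startswith(("RegQueryValueEx", "RegGetValue")) and is_uac_query(c):
            hits["Checks whether UAC is enabled"].append(
                c["key"] + "\\" + c["value"])
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in behaviour_signatures(parse_trace(TRACE)).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

On the constructed trace all four signatures fire once each, in the order the calls appear; the System32 `kernel32.dll` load is ignored because the process never wrote that file. A real sandbox correlates across child processes and thread injection as well, which this single-pid version does not attempt.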

MITRE ATT&CK Enterprise v15

Tasks