General

  • Target

    855478a6436b2ce5db0b95430e6496be

  • Size

    1.8MB

  • Sample

    231222-mlys8sgacr

  • MD5

    855478a6436b2ce5db0b95430e6496be

  • SHA1

    c51919c46b8c4e754a204e30dd80c871cc5ca142

  • SHA256

    f1a199ba9c7dbf9eb3cb2c4a4c6ef424f02ab60e6289cdc952d39655a851353a

  • SHA512

    b62ea5eae5f97c916b0cb4eeecbe7b0c5261985583afa93f34b5b8a3f97b0473bdffc64ac21d6ab44ffac44a90ee0aae9b884104651f1eebf99a7ba46c4a9d44

  • SSDEEP

    12288:5VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1x:4fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      855478a6436b2ce5db0b95430e6496be

    • Size

      1.8MB

    • MD5

      855478a6436b2ce5db0b95430e6496be

    • SHA1

      c51919c46b8c4e754a204e30dd80c871cc5ca142

    • SHA256

      f1a199ba9c7dbf9eb3cb2c4a4c6ef424f02ab60e6289cdc952d39655a851353a

    • SHA512

      b62ea5eae5f97c916b0cb4eeecbe7b0c5261985583afa93f34b5b8a3f97b0473bdffc64ac21d6ab44ffac44a90ee0aae9b884104651f1eebf99a7ba46c4a9d44

    • SSDEEP

      12288:5VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1x:4fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
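
The last two signatures above ("Adds Run key to start application" and "Checks whether UAC is enabled") are the host-side behaviours an analyst would re-check outside the sandbox. The script below is an added example, not part of this report or of the sandbox vendor's tooling: it scans a registry API trace for a value written under CurrentVersion\Run and for a read of the HKLM ...\Policies\System\EnableLUA value. The trace line format (`<api> <hive\path\value> [<data>]`), the hive prefixes and the API name sets are assumptions for the example; the trace lines themselves are constructed and are not output from the run described on this page. One caveat for anyone mapping this to endpoint telemetry: Sysmon registry events (Event ID 12/13/14) record creates, writes and renames, so the Run-key write is visible there, but a query of EnableLUA is a read and only shows up in an API trace or with object-access auditing on that key.

```python
"""Added triage example: flag Run-key persistence and a UAC (EnableLUA) check
in a registry API trace. Trace format, hive prefixes and API names are
assumptions; the sample lines are constructed, not sandbox output."""
import re
from dataclasses import dataclass

# One trace line per registry call: "<api> <hive\path\value> [<data>]".
# Paths containing spaces would need quoting; the sample avoids them.
TRACE_LINE_RE = re.compile(r"^(?P<api>Reg\w+)\s+(?P<path>\S+)(?:\s+(?P<data>.*))?$")

# Autostart values under CurrentVersion\Run or RunOnce in HKCU, HKLM or HKU\<sid>.
RUN_KEY_RE = re.compile(
    r"^(HKCU|HKLM|HKU\\[^\\]+)\\Software\\Microsoft\\Windows\\CurrentVersion"
    r"\\Run(Once)?\\[^\\]+$",
    re.IGNORECASE,
)
# Policy value whose non-zero data means UAC is enabled.
UAC_VALUE_RE = re.compile(
    r"^HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA$",
    re.IGNORECASE,
)

# API name sets (assumption: the trace uses the Win32 export names).
WRITE_APIS = {"RegSetValueExW", "RegSetValueExA", "RegSetValueW", "RegSetValueA"}
READ_APIS = {"RegQueryValueExW", "RegQueryValueExA", "RegGetValueW", "RegGetValueA"}


@dataclass
class Finding:
    behaviour: str  # "adds_run_key" or "checks_uac"
    api: str
    path: str
    data: str = ""


def scan_trace(lines):
    """Return one Finding per trace line that matches either behaviour."""
    findings = []
    for line in lines:
        m = TRACE_LINE_RE.match(line.strip())
        if not m:
            continue  # not a registry call; ignore
        api, path, data = m.group("api"), m.group("path"), m.group("data") or ""
        # Persistence: a *write* of a value under Run/RunOnce. Reads of Run
        # (e.g. enumerating existing entries) are not persistence.
        if api in WRITE_APIS and RUN_KEY_RE.match(path):
            findings.append(Finding("adds_run_key", api, path, data))
        # UAC check: a *read* of EnableLUA. A write here would be tampering,
        # which is a different (and louder) behaviour.
        elif api in READ_APIS and UAC_VALUE_RE.match(path):
            findings.append(Finding("checks_uac", api, path))
    return findings


def behaviours(lines):
    """Set of behaviour names, in the wording of the report's signature list."""
    return {f.behaviour for f in scan_trace(lines)}


# Constructed trace lines for the example (not from the sandbox run).
SAMPLE_TRACE = [
    "RegOpenKeyExW HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "RegSetValueExW HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater "
    "C:\\Users\\Admin\\AppData\\Roaming\\updater.exe",
    "RegQueryValueExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA",
    # Reading an existing Run value is enumeration, not persistence: no finding.
    "RegQueryValueExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\OneDrive",
    # Unrelated write: no finding.
    "RegSetValueExW HKCU\\Software\\Example\\Setting 1",
]

if __name__ == "__main__":
    for f in scan_trace(SAMPLE_TRACE):
        print(f"{f.behaviour:14} {f.api:18} {f.path} {f.data}".rstrip())
```

Feed it the registry portion of an API trace from your own analysis VM; the two behaviour names line up with the signature list above so results can be compared run to run.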

MITRE ATT&CK Enterprise v15

Tasks