General

  • Target

    8612fa0a1a2b0c719b477a46e34224bf

  • Size

    2.0MB

  • Sample

    231222-mvmgkagcdr

  • MD5

    8612fa0a1a2b0c719b477a46e34224bf

  • SHA1

    5506302c7c90404fbdb4314d40ea851be5ab0440

  • SHA256

    9bb2a39ebb8d5c67c0c699c2f98ecddeba87000e6d6172c9e7149b0ab2148f89

  • SHA512

    2a095fde45cc187da54ae481ee7d4d17ae3ca479420179e149003660fc0cc4377390a6e48b568fc462fa0dc3b17e6dcd1be9cd52ad6cbd2b066a15cd2ed04fec

  • SSDEEP

    12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1Fh:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
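
The digests above are the indicators a responder would use to confirm that a file found on a host is this sample. The script below is an added example, not part of the report or the sandbox's own tooling: it hashes a file with every algorithm the report lists, compares the result to the published values, sanity-checks that the pasted IOCs are well-formed hex, and parses the ssdeep signature for its block size (ssdeep itself is not recomputed, since that needs the third-party `ssdeep` module, assumed unavailable here). The stand-in input in the demo is constructed and is not the sample.

```python
"""Check a file against the hash IOCs published in this report.

Added example; this is not the sandbox's own code. It uses only hashlib, so the
ssdeep value is parsed for its block size but not recomputed (that would need the
third-party `ssdeep` module, assumed unavailable here).
"""
import hashlib
from pathlib import Path

# Digests copied verbatim from the report.
REPORT_IOCS = {
    "md5": "8612fa0a1a2b0c719b477a46e34224bf",
    "sha1": "5506302c7c90404fbdb4314d40ea851be5ab0440",
    "sha256": "9bb2a39ebb8d5c67c0c699c2f98ecddeba87000e6d6172c9e7149b0ab2148f89",
    "sha512": "2a095fde45cc187da54ae481ee7d4d17ae3ca479420179e149003660fc0cc4377390a6e48b568fc462fa0dc3b17e6dcd1be9cd52ad6cbd2b066a15cd2ed04fec",
}
REPORT_SSDEEP = "12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1Fh:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb"

# Expected hex-digest lengths; a pasted IOC that fails this was mangled in transit.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(iocs):
    """Return the algorithms whose value is not a hex digest of the expected length."""
    bad = []
    for algo, value in iocs.items():
        ok = len(value) == HEX_LEN[algo] and all(c in "0123456789abcdef" for c in value.lower())
        if not ok:
            bad.append(algo)
    return bad


def digest_stream(chunks):
    """Compute all four digests in a single pass over an iterable of byte chunks."""
    hashes = {algo: hashlib.new(algo) for algo in HEX_LEN}
    for block in chunks:
        for h in hashes.values():
            h.update(block)
    return {algo: h.hexdigest() for algo, h in hashes.items()}


def digest_bytes(data):
    return digest_stream([data])


def digest_file(path, chunk_size=1 << 20):
    """Hash a file without loading it whole; a 2 MB sample is small, but drops can be larger."""
    with open(path, "rb") as f:
        return digest_stream(iter(lambda: f.read(chunk_size), b""))


def match_iocs(computed, iocs=REPORT_IOCS):
    """Return the set of algorithms whose computed digest equals the report's value.

    Treat a sha256 or sha512 match as conclusive. MD5 and SHA-1 are collision-prone,
    so a match on one of them alone should be confirmed with a stronger hash.
    """
    return {algo for algo, value in iocs.items()
            if computed.get(algo, "").lower() == value.lower()}


def parse_ssdeep(signature):
    """Split 'blocksize:chunk:double_chunk' into (int, str, str)."""
    block_size, chunk, double_chunk = signature.split(":", 2)
    return int(block_size), chunk, double_chunk


def ssdeep_comparable(sig_a, sig_b):
    """ssdeep only scores two signatures whose block sizes are equal or differ by exactly 2x;
    any other pair compares as 0, so there is no point submitting it for fuzzy matching."""
    a = parse_ssdeep(sig_a)[0]
    b = parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    import sys
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    # Constructed stand-in bytes when no path is given; they are not the sample.
    computed = digest_file(target) if target else digest_bytes(b"constructed stand-in, not the sample")
    print("matched:", sorted(match_iocs(computed)) or "none")
```

Run it as `python check_iocs.py <suspect file>`; an empty result means the file is not byte-identical to the sample, which is exactly when the ssdeep block-size check matters, since only a signature with block size 6144, 12288 or 24576 can score against the report's value at all.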

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
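
The four behaviour signatures above (dropped EXE executed, dropped DLL loaded, Run key written, UAC state queried) are the kind of thing an analyst re-derives from a sandbox API trace or an EDR timeline. The script below is an added example, not the sandbox's detection logic: it replays a trace of file, process and registry events and reports which of the four signatures fire. The trace format (one dict per event with op/path/value/data keys) is an assumption, and every path, value name and file name in the constructed sample trace is a placeholder, not an artefact observed from this sample. "Dropped" is defined as written earlier in the same trace, which is what separates the two dropped-file signatures from ordinary process and image activity.

```python
"""Replay a file/process/registry trace against the four behaviour signatures listed above.

Added example, not the sandbox's own detection logic. The trace format and every
path and file name in SAMPLE_TRACE are constructed for illustration; they are not
artefacts observed from this sample.
"""
import re

# HKCU or HKLM Run/RunOnce, including the 32-bit view (Wow6432Node) on 64-bit Windows.
RUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?$", re.I)
# The policy key holding EnableLUA, the value that records whether UAC is on.
UAC_POLICY_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I)


def triage(events):
    """Return (signature, evidence) pairs in trace order."""
    findings = []
    dropped = set()  # lower-cased paths written earlier in this trace
    for ev in events:
        op, path = ev["op"], ev.get("path", "")
        norm = path.lower()
        if op == "file_write":
            dropped.add(norm)
        elif op == "process_create" and norm in dropped:
            findings.append(("Executes dropped EXE", path))
        elif op == "image_load" and norm in dropped:
            findings.append(("Loads dropped DLL", path))
        elif op == "reg_set" and RUN_KEY.search(path):
            findings.append(("Adds Run key to start application",
                             f"{path}\\{ev.get('value', '')} = {ev.get('data', '')}"))
        elif op == "reg_query" and UAC_POLICY_KEY.search(path) \
                and ev.get("value", "").lower() == "enablelua":
            findings.append(("Checks whether UAC is enabled", f"{path}\\{ev['value']}"))
    return findings


def signatures_hit(events):
    """The distinct signature names that fire for a trace."""
    return {name for name, _ in triage(events)}


# Constructed trace: paths, value names and file names are placeholders, not observed IOCs.
SAMPLE_TRACE = [
    {"op": "process_create", "path": r"C:\Users\victim\Desktop\sample.exe"},
    {"op": "reg_query", "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "EnableLUA"},
    {"op": "image_load", "path": r"C:\Windows\System32\kernel32.dll"},  # system DLL, not dropped
    {"op": "file_write", "path": r"C:\Users\victim\AppData\Roaming\helper.dll"},
    {"op": "file_write", "path": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"op": "image_load", "path": r"C:\Users\victim\AppData\Roaming\helper.dll"},
    {"op": "process_create", "path": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"op": "reg_set", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Helper", "data": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"op": "reg_set", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
     "value": "Hidden", "data": "1"},  # benign registry write, must not fire
    {"op": "reg_query", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Helper"},  # reading a Run key is not persistence
]

if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_TRACE):
        print(f"{name}: {evidence}")
```

The benign events in the constructed trace are there on purpose: a write under Explorer\Advanced and a read of the Run key both touch HKCU\...\CurrentVersion but fire nothing, and a load of a system DLL that was never written during the run is not a dropped-DLL load.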

MITRE ATT&CK Enterprise v15

Tasks