General

  • Target

    89faad2763ee0fe77979a2868b5d8d1a

  • Size

    1.7MB

  • Sample

    231222-n2dnnshefl

  • MD5

    89faad2763ee0fe77979a2868b5d8d1a

  • SHA1

    2bb866ca50cde2737e1fd9ee3de301bcbd734d3c

  • SHA256

    65715eb9acb4d8b38c6ed89a8582cd338ca072fae890e4991c01ace914ad1ddc

  • SHA512

    9233586d30af66b401cf9f9ad2aaf42ea1da233db72aedc9fbb8b91e76f1560edfbe056628ef7d2264da87682f0dbdd094883e3978c509cc50cb5a55c7e317f2

  • SSDEEP

    12288:FVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:cfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      89faad2763ee0fe77979a2868b5d8d1a

    • Size

      1.7MB

    • MD5

      89faad2763ee0fe77979a2868b5d8d1a

    • SHA1

      2bb866ca50cde2737e1fd9ee3de301bcbd734d3c

    • SHA256

      65715eb9acb4d8b38c6ed89a8582cd338ca072fae890e4991c01ace914ad1ddc

    • SHA512

      9233586d30af66b401cf9f9ad2aaf42ea1da233db72aedc9fbb8b91e76f1560edfbe056628ef7d2264da87682f0dbdd094883e3978c509cc50cb5a55c7e317f2

    • SSDEEP

      12288:FVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:cfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks