General

  • Target

    9092dc2e65d3423c530403687825739b

  • Size

    3.2MB

  • Sample

    231222-p4f29abehj

  • MD5

    9092dc2e65d3423c530403687825739b

  • SHA1

    b7ff1029c34d5edca3ce39912a270d38424e8bce

  • SHA256

    604254d4c3d1a371976dff0a441bdc28897e11707e92dd483479869614c88799

  • SHA512

    74ef314d36cc050bc161b0012efbdf6c339bf03a40bc8132755dca0948a6aae0ea0024361af0b799ecc384d227300e0532e311c37c03ad3c9aa71db459a046ea

  • SSDEEP

    12288:OVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:TfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks