General

  • Target

    91f99c7f1a244d04f0c9a95fa013fae2

  • Size

    1.7MB

  • Sample

    231222-p5ycxsbhhj

  • MD5

    91f99c7f1a244d04f0c9a95fa013fae2

  • SHA1

    01ab5748a556b2dd764f48cdd2cbff444ce2aa4f

  • SHA256

    b3cccf128fe7a297a8b30946b713ae19458582d68a6c7c499ad807d4fa84efcf

  • SHA512

    32cd58db6d04f1e009a29c97b7b310517f762d6d7ce91f0511193053427f6e17729beaec22e9844319df585b0991498494d88f9ab245a80f0689649eedab3891

  • SSDEEP

    12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ193aWk5:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnbRa
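To triage a suspected copy of this sample offline, the four cryptographic digests above are enough: compute them over the candidate file in one pass and require every algorithm to agree before calling it a match. The script below is an added example and not part of the sandbox report; the indicator values are copied from the page, the file it hashes in the demo is a constructed benign byte string, and the function names are my own. SSDEEP is left out because it needs a third-party binding and a fuzzy score is a similarity hint, not an identity check.

```python
"""Check a file against the hash indicators printed in the report above.

Added example, not part of the sandbox report. REPORT_IOCS holds the values
shown on the page; demo_on_constructed_sample() hashes a harmless constructed
byte string, never the malware itself.
"""
import hashlib
import os
import tempfile

# Indicators copied verbatim from the report's General section.
REPORT_IOCS = {
    "md5": "91f99c7f1a244d04f0c9a95fa013fae2",
    "sha1": "01ab5748a556b2dd764f48cdd2cbff444ce2aa4f",
    "sha256": "b3cccf128fe7a297a8b30946b713ae19458582d68a6c7c499ad807d4fa84efcf",
    "sha512": (
        "32cd58db6d04f1e009a29c97b7b310517f762d6d7ce91f0511193053427f6e17"
        "729beaec22e9844319df585b0991498494d88f9ab245a80f0689649eedab3891"
    ),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_file(path, chunk_size=1 << 20):
    """Stream the file once and feed every digest; returns lowercase hex per algorithm."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(path, iocs=REPORT_IOCS):
    """Compare a file's digests with an indicator set.

    Returns (verdict, computed, per_algorithm). Verdicts:
      match    - every listed algorithm agrees (the file is the reported sample)
      partial  - some agree, some differ; in practice this means a transcription
                 error in the indicator list, not a real collision
      no_match - nothing agrees
    Comparison is case-insensitive because threat feeds mix hex casing.
    """
    computed = hash_file(path)
    per_algorithm = {
        name: computed[name] == value.lower() for name, value in iocs.items()
    }
    if all(per_algorithm.values()):
        verdict = "match"
    elif any(per_algorithm.values()):
        verdict = "partial"
    else:
        verdict = "no_match"
    return verdict, computed, per_algorithm


def demo_on_constructed_sample(data=b"abc"):
    """Write a constructed, benign byte string to a temp file, hash it and
    check it against the report's indicators. Returns (hashes, verdict)."""
    fd, path = tempfile.mkstemp(prefix="ioc-demo-")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        hashes = hash_file(path)
        verdict, _, _ = match_iocs(path)
    finally:
        os.unlink(path)
    return hashes, verdict


if __name__ == "__main__":
    hashes, verdict = demo_on_constructed_sample()
    for name in ALGORITHMS:
        print(f"{name:7s} {hashes[name]}")
    print("verdict against report IOCs:", verdict)
```

Run it against a real candidate with `match_iocs("/path/to/file")`; a `partial` verdict should send you back to the indicator source rather than to the file, since the odds of an accidental collision on one algorithm but not the others are negligible.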

Targets

    • Target

      91f99c7f1a244d04f0c9a95fa013fae2

    • Size

      1.7MB

    • MD5

      91f99c7f1a244d04f0c9a95fa013fae2

    • SHA1

      01ab5748a556b2dd764f48cdd2cbff444ce2aa4f

    • SHA256

      b3cccf128fe7a297a8b30946b713ae19458582d68a6c7c499ad807d4fa84efcf

    • SHA512

      32cd58db6d04f1e009a29c97b7b310517f762d6d7ce91f0511193053427f6e17729beaec22e9844319df585b0991498494d88f9ab245a80f0689649eedab3891

    • SSDEEP

      12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ193aWk5:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnbRa

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process (explorer.exe).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15