General

  • Target

    98832842de43f42126c99383931832d2

  • Size

    2.0MB

  • Sample

    231222-qcp2hsdhck

  • MD5

    98832842de43f42126c99383931832d2

  • SHA1

    23f33cf120c04e1addaf8c4e6d5af459ddf4a98c

  • SHA256

    99a22f3c36907549ab6491f145fd8ef2ab8cc755778e58f69e64fe23cf79335d

  • SHA512

    fc1d20ee06cb22b1ce30288c31299c24164cd3251b224e44355e2b00e855c985aa41340ea38577e4c7c5d5efdbdf20b75cfc8bbb96a772afa7be105fcc3217cf

  • SSDEEP

    12288:WVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:LfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      98832842de43f42126c99383931832d2

    • Size

      2.0MB

    • MD5

      98832842de43f42126c99383931832d2

    • SHA1

      23f33cf120c04e1addaf8c4e6d5af459ddf4a98c

    • SHA256

      99a22f3c36907549ab6491f145fd8ef2ab8cc755778e58f69e64fe23cf79335d

    • SHA512

      fc1d20ee06cb22b1ce30288c31299c24164cd3251b224e44355e2b00e855c985aa41340ea38577e4c7c5d5efdbdf20b75cfc8bbb96a772afa7be105fcc3217cf

    • SSDEEP

      12288:WVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:LfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks