General

  • Target

    99cc6a1b05ecb8ff80245d0e564e9e8e

  • Size

    1.7MB

  • Sample

    231222-qdzmcaecbr

  • MD5

    99cc6a1b05ecb8ff80245d0e564e9e8e

  • SHA1

    7780f8b982500865883593c6e996794c5498e26c

  • SHA256

    fc1ce427e3c95bb24bced3433c85ae4b020da05b3907f0ca18d0b5fd30dc05c8

  • SHA512

    eaa7f08a1d255eb775f7de53640755cf988308a52e7f764b91a737cb521dd6c5de523600211fd7128b8de4689722db47287274db2b214f63d2b973a1abd52288

  • SSDEEP

    12288:MVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:5fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks