General

  • Target

    9bbf9eef45b7360abc8ec8a0c7b317ce

  • Size

    3.2MB

  • Sample

    231222-qfy4laeggr

  • MD5

    9bbf9eef45b7360abc8ec8a0c7b317ce

  • SHA1

    2006a704bfe2692fc7396f0182500abecef3942d

  • SHA256

    2a05ef517f58fb47e09a5e863a67ef39f514b40f990a488897dd5f2f5d6bb865

  • SHA512

    30f90d9ff168214bec791a1cfc9e947ed88a9cb396e92cfa5a544afaa27700df5f5e680e320fc1fd7674d31c84415e1325006fb0a71e694ba49e95a1fe988d86

  • SSDEEP

    12288:tVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:0fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15