General

  • Target

    9d89304f808045efcf17ab454a6d49a0

  • Size

    1.7MB

  • Sample

    231222-qhsdtsfdak

  • MD5

    9d89304f808045efcf17ab454a6d49a0

  • SHA1

    8a97dad8c8a7a02c22c9887e4e103020bc104a11

  • SHA256

    a4e896e1896b2a99f6b1cec3702cb5e08283fae6ad1639be9f0af3904e54da7e

  • SHA512

    19c5c4c9f5ef9f26fa1d6da88444f1dbd6990744f5d3a79b30289749053341e224755c97dbdefe8af77c73ef68f47718ba2b84ee8aaf4602ebb73b8ae183ddd7

  • SSDEEP

    12288:ZVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:YfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks