General

  • Target

    a0e3d31bc359c4e655f7d9df3b663fd0

  • Size

    1.7MB

  • Sample

    231222-qmsv6agdep

  • MD5

    a0e3d31bc359c4e655f7d9df3b663fd0

  • SHA1

    66dbe5a93d747da92fb1c7f834645d881f332e5d

  • SHA256

    b6ee5f569a7683ddfe9af50cc10048a8de8bde03411c465b8d55443536d41081

  • SHA512

    598e88c9a2be2dd05b660a6eaa76dc02777cf6aacc689e253b1ed2bbeef9dc95e45413de285c69ed8941660b984fb83402c5016eddd990d21a8f011faa6c8bd2

  • SSDEEP

    12288:ZVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:YfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
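
The four behavioural signatures above (executes dropped EXE, loads dropped DLL, adds Run key, checks whether UAC is enabled) can be reproduced from a sandbox trace. The following is an added example written for this page, not the sandbox's own signature code: it parses a constructed, hypothetical pipe-delimited trace (op|key=value|...), tracks files the sample writes, and flags the same four behaviours. Event names, paths and PIDs are invented for the demonstration.

```python
"""Re-derive the behavioural signatures from a sandbox-style trace.

Added example; the trace format and the events in it are constructed
and do not come from the report above.
"""
import re
from typing import Dict, List, Tuple

# Constructed trace (hypothetical format): one event per line, op|k=v|k=v...
SAMPLE_TRACE = """\
file_write|pid=1100|path=C:\\Users\\user\\AppData\\Local\\Temp\\dropper.exe
file_write|pid=1100|path=C:\\Users\\user\\AppData\\Roaming\\update.dll
process_create|pid=1100|child_pid=1200|image=C:\\Users\\user\\AppData\\Local\\Temp\\dropper.exe
image_load|pid=1200|image=C:\\Users\\user\\AppData\\Roaming\\update.dll
image_load|pid=1200|image=C:\\Windows\\System32\\kernel32.dll
reg_set|pid=1200|key=HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run|value=Updater|data=C:\\Users\\user\\AppData\\Local\\Temp\\dropper.exe
reg_query|pid=1200|key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System|value=EnableLUA
process_create|pid=1200|child_pid=1300|image=C:\\Windows\\explorer.exe
"""

# Persistence via Run/RunOnce; UAC state lives under Policies\System\EnableLUA.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
UAC_KEY_RE = re.compile(r"\\Policies\\System$", re.IGNORECASE)


def parse_trace(text: str) -> List[Dict[str, str]]:
    """Turn the pipe-delimited trace into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        op, *fields = line.split("|")
        ev = {"op": op}
        for field in fields:
            key, _, value = field.partition("=")
            ev[key] = value
        events.append(ev)
    return events


def detect_behaviours(events: List[Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (signature name, evidence) pairs in the order they are observed."""
    dropped = set()          # lower-cased paths the sample wrote during the run
    findings = []
    for ev in events:
        op = ev["op"]
        if op == "file_write":
            dropped.add(ev["path"].lower())
        elif op == "process_create" and ev["image"].lower() in dropped:
            findings.append(("Executes dropped EXE", ev["image"]))
        elif op == "image_load" and ev["image"].lower() in dropped:
            findings.append(("Loads dropped DLL", ev["image"]))
        elif op == "reg_set" and RUN_KEY_RE.search(ev["key"]):
            evidence = ev["key"] + "\\" + ev["value"] + " = " + ev["data"]
            findings.append(("Adds Run key to start application", evidence))
        elif (op == "reg_query" and UAC_KEY_RE.search(ev["key"])
              and ev.get("value", "").lower() == "enablelua"):
            findings.append(("Checks whether UAC is enabled",
                             ev["key"] + "\\" + ev["value"]))
    return findings


def signature_names(text: str) -> List[str]:
    """Convenience wrapper: just the signature names fired by a trace."""
    return [name for name, _ in detect_behaviours(parse_trace(text))]


if __name__ == "__main__":
    for name, evidence in detect_behaviours(parse_trace(SAMPLE_TRACE)):
        print(f"{name}: {evidence}")
```

Loading kernel32.dll and spawning explorer.exe do not fire anything, because only paths the sample itself wrote count as "dropped"; that correlation between the file-write and the later execute/load event is what distinguishes these signatures from a plain path allow-list.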

MITRE ATT&CK Enterprise v15

Tasks