General

  • Target

    a79b33b69a356ba5d8d4d01df6f1e7ef

  • Size

    1.7MB

  • Sample

    231222-qwp6maachr

  • MD5

    a79b33b69a356ba5d8d4d01df6f1e7ef

  • SHA1

    cfd0f8e6a65c9d24292c310c124294b36d1a6d1e

  • SHA256

    600888746c14e42d6df7c8f42722b11c058303f4834c0fe324eda5b4d1e9a76d

  • SHA512

    c078429b42a075c0ee6531f80453234db9700db617d50c22749b8b36990033fa6ac7db2cb35e10afd7bbfae6a6f79666405313e8b34aef566f436fe2c33b935e

  • SSDEEP

    12288:AVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Target

      a79b33b69a356ba5d8d4d01df6f1e7ef

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects the Dridex payload shellcode injected into the Explorer process (explorer.exe).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

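The report above is a flat "• Name / value" bullet list. The following is an added example (editor-supplied, not code from the sandbox vendor or from this page) that parses that layout into structured IOCs, checks each hash for the correct length and charset, compares a file's digests against the listed ones, and emits a YARA hash rule for hunting. REPORT_TEXT is a constructed copy of the page's fields; parse_report, digests, matches_report, yara_hash_rule and the rule name dridex_sample_hash are names chosen here.

```python
"""Added example (editor-supplied, not code from the sandbox or the page):
parse the bullet-list report into structured IOCs and check a file against it."""
import hashlib
import re

# Constructed copy of the page's fields, in the same "• Name / value" layout.
REPORT_TEXT = """
General
  • Target
    a79b33b69a356ba5d8d4d01df6f1e7ef
  • Size
    1.7MB
  • Sample
    231222-qwp6maachr
  • MD5
    a79b33b69a356ba5d8d4d01df6f1e7ef
  • SHA1
    cfd0f8e6a65c9d24292c310c124294b36d1a6d1e
  • SHA256
    600888746c14e42d6df7c8f42722b11c058303f4834c0fe324eda5b4d1e9a76d
  • SHA512
    c078429b42a075c0ee6531f80453234db9700db617d50c22749b8b36990033fa6ac7db2cb35e10afd7bbfae6a6f79666405313e8b34aef566f436fe2c33b935e
  • SSDEEP
    12288:AVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
  • Dridex
    Dridex (also known as Bugat/Cridex) is a banking trojan that steals banking credentials.
  • Dridex Shellcode
    Detects Dridex payload shellcode injected into the Explorer process.
  • Executes dropped EXE
  • Loads dropped DLL
  • Adds Run key to start application
  • Checks whether UAC is enabled
"""

HEX_FIELDS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}   # expected hex length
META_FIELDS = {"Target", "Size", "Sample", "SSDEEP"} | set(HEX_FIELDS)
BULLET = re.compile(r"^\s*•\s*(.+?)\s*$")


def parse_report(text):
    """A '• Name' line opens a field; the next non-empty, non-bullet line is its value.
    Names outside META_FIELDS are behavioural signatures (value = description, if any).
    Hash values must have the right length/charset so a mis-copied IOC fails loudly."""
    report = {"meta": {}, "hashes": {}, "signatures": {}}
    current = None
    for line in text.splitlines():
        if not line.strip():
            continue
        m = BULLET.match(line)
        if m:
            current = m.group(1)
            if current not in META_FIELDS:
                report["signatures"].setdefault(current, "")
            continue
        if current is None:          # section heading such as "General"
            continue
        value = line.strip()
        if current in HEX_FIELDS:
            if not re.fullmatch(rf"[0-9a-f]{{{HEX_FIELDS[current]}}}", value):
                raise ValueError(f"{current} is not {HEX_FIELDS[current]} lowercase hex chars")
            report["hashes"][current] = value
        elif current in META_FIELDS:
            report["meta"][current] = value
        else:
            report["signatures"][current] = value
        current = None               # one value per bullet
    return report


def digests(data):
    """The four digests the report lists, lowercase hex, for a file's bytes."""
    return {name: hashlib.new(name.lower(), data).hexdigest() for name in HEX_FIELDS}


def matches_report(data, report):
    """Compare every listed digest; any mismatch means this is not the sample.
    Returns (all_match, {algorithm: matched})."""
    actual = digests(data)
    per_algo = {name: actual[name] == h for name, h in report["hashes"].items()}
    return all(per_algo.values()), per_algo


def yara_hash_rule(report, name="dridex_sample_hash"):
    """Emit a YARA rule pinning the exact file via the hash module (rule name is hypothetical)."""
    sha256 = report["hashes"]["SHA256"]
    return (
        'import "hash"\n'
        f"rule {name} {{\n"
        f'    meta:\n        sample = "{report["meta"].get("Sample", "")}"\n'
        "    condition:\n"
        f'        hash.sha256(0, filesize) == "{sha256}"\n'
        "}\n"
    )


if __name__ == "__main__":
    rep = parse_report(REPORT_TEXT)
    print(sorted(rep["signatures"]))
    print(matches_report(b"constructed bytes, not the real sample", rep))   # all False
    print(yara_hash_rule(rep))
```

Run it against a suspect file with `matches_report(open(path, "rb").read(), rep)`; all four digests are compared, so a collision on MD5 alone (a weak hash) is not enough to claim a match. SSDEEP is kept as metadata only, since fuzzy-hash comparison needs the ssdeep library rather than hashlib.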