General

  • Target

    c01759cd40316a6699660373fecd6083

  • Size

    2.0MB

  • Sample

    231222-rqnlaacbd7

  • MD5

    c01759cd40316a6699660373fecd6083

  • SHA1

    b581cc126c9bd284c4a8e243c72ce58728a5d36f

  • SHA256

    fb8c636347be450c76889ac3d36027f23e57dec6e4aa52925f1311b9a1919f85

  • SHA512

    d92834c46b2bfe65f771c0e0d3735e40ebe7a43a2ffb3c0584913381961ed5a2340ae466bffb3d5e817d579d92c5ed20c91e6e5c8682777a7191a0f57aba81fd

  • SSDEEP

    12288:sVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1q:ZfP7fWsK5z9A+WGAW+V5SB6Ct4bnbq

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks