General

  • Target

    c078c1e9295f21a9845fe98fea0ae4f0

  • Size

    1.4MB

  • Sample

    231222-rqzzbaccc5

  • MD5

    c078c1e9295f21a9845fe98fea0ae4f0

  • SHA1

    8c48fea2bd80e6150b7cfe247f9ca54246373ffe

  • SHA256

    4cff339d45df522a7cf730b05bb75dd22827bf4b6d77831b15e7758097eb0a40

  • SHA512

    663a8666f6098ac8726c02eedb031d3b4ad5e33a4dcebb3d4842f8eb632b4e792c68f1c0588091b6ec98912f7271110cd8a52ae90089b475891d97df5fb853cb

  • SSDEEP

    12288:wVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:1fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks