General

  • Target

    c5aa41334a680c8c2a07d30dee047009

  • Size

    2.1MB

  • Sample

    231222-rwsgesdgf7

  • MD5

    c5aa41334a680c8c2a07d30dee047009

  • SHA1

    83c5558607583d4f63267059d29b7d08fa7985d6

  • SHA256

    f099178b03b5951f06c3cb62cf72350c2e3c41e7c127934f0723ebd6e7861ddd

  • SHA512

    89d5b2df2b73225890376b85dd8f290f08b7b39992efe0f4fd343d2b54b8abb733ca6e16015a2f4811f01778ef139e03f1f5780887aa53e804947efffede5f72

  • SSDEEP

    12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Target

      c5aa41334a680c8c2a07d30dee047009


    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process (explorer.exe).

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
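
The last two signatures above fire on registry activity: a write of a value under a Run/RunOnce autostart key, and a read of the EnableLUA value under the UAC policy key. The following example is added here and is not code from the report or from the sandbox vendor; it shows that detection logic run over a constructed registry trace. The trace format (pid | api | key | value name | data), the API names it matches and the sample lines are all assumptions for illustration, not the sandbox's own signature or log format.

```python
# Added example (not part of the sandbox report): detection logic for the
# "Adds Run key to start application" and "Checks whether UAC is enabled"
# signatures, run over a constructed registry-activity trace.
# The trace format and API names below are assumptions, not the vendor's.
import re
from dataclasses import dataclass
from typing import Dict, List

# Autostart keys (HKLM or HKCU, Run and RunOnce). The trailing anchor keeps
# look-alike keys such as ...\CurrentVersion\RunServicesOnce from matching.
RUN_KEY_RE = re.compile(
    r"^HK(?:LM|CU)\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?$",
    re.IGNORECASE,
)
# UAC policy key; malware reads its EnableLUA value to learn whether UAC is on.
UAC_KEY_RE = re.compile(
    r"^HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$",
    re.IGNORECASE,
)
WRITE_APIS = {"RegSetValueExA", "RegSetValueExW", "NtSetValueKey"}
READ_APIS = {"RegQueryValueExA", "RegQueryValueExW", "NtQueryValueKey"}
HIVE_ALIASES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU"}


@dataclass
class RegEvent:
    pid: int
    api: str
    key: str
    value_name: str
    data: str


def normalize_key(key: str) -> str:
    """Map long hive names to short ones so a single regex covers both spellings."""
    for long, short in HIVE_ALIASES.items():
        if key.upper().startswith(long):
            return short + key[len(long):]
    return key


def parse_trace(text: str) -> List[RegEvent]:
    """Parse 'pid | api | key | value name | data' lines; malformed lines are skipped."""
    events = []
    for line in text.strip().splitlines():
        parts = [p.strip() for p in line.split("|")]
        if len(parts) != 5 or not parts[0].isdigit():
            continue
        pid, api, key, value_name, data = parts
        events.append(RegEvent(int(pid), api, normalize_key(key), value_name, data))
    return events


def run_key_writes(events: List[RegEvent]) -> List[RegEvent]:
    """Any value written under a Run/RunOnce key is an autostart entry (persistence)."""
    return [e for e in events if e.api in WRITE_APIS and RUN_KEY_RE.match(e.key)]


def uac_checks(events: List[RegEvent]) -> List[RegEvent]:
    """A read of EnableLUA under the UAC policy key is a UAC probe."""
    return [
        e for e in events
        if e.api in READ_APIS and UAC_KEY_RE.match(e.key)
        and e.value_name.lower() == "enablelua"
    ]


def evaluate(trace: str) -> Dict[str, List[int]]:
    """Return each signature name with the sorted PIDs that triggered it."""
    events = parse_trace(trace)
    return {
        "Adds Run key to start application": sorted({e.pid for e in run_key_writes(events)}),
        "Checks whether UAC is enabled": sorted({e.pid for e in uac_checks(events)}),
    }


# Constructed trace (assumed format): pid 1234 probes UAC and persists via a
# Run key; pid 5678 touches unrelated keys and must not trigger anything.
SAMPLE_TRACE = r"""
1234 | RegOpenKeyExW | HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System | |
1234 | RegQueryValueExW | HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA | 1
1234 | RegSetValueExW | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Updater | C:\Users\Public\update.exe
5678 | RegQueryValueExW | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders | Desktop | C:\Users\user\Desktop
5678 | RegSetValueExW | HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Foo | DisplayName | Foo
... trace truncated ...
"""

if __name__ == "__main__":
    for name, pids in evaluate(SAMPLE_TRACE).items():
        print(f"{name}: {pids or 'no hit'}")
```

The hive normalization matters in practice because different tracers spell the root key differently, and the anchored key regex keeps the Run-key rule from firing on every key that merely starts with "Run". A read of EnableLUA is only a probe; whether UAC is actually enabled is the returned data ("1" in the sample).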

MITRE ATT&CK Enterprise v15
