General

  • Target

    d058e3d43d54b84ed76f4526a221f4af

  • Size

    1.5MB

  • Sample

    231222-sbd9qsghf3

  • MD5

    d058e3d43d54b84ed76f4526a221f4af

  • SHA1

    45bd357dbe9593ef1c2ca2892bbf9d7f0134c8d7

  • SHA256

    cc21e6446e4a6fbab7de3f35881fbfee3dfa645776be05ee9271957393420edf

  • SHA512

    827e4fa1d8b9e7fafe1407629892755b616e22049e8fc350a444ec82924f7cd8537d396ab91da907fc08ff06302ef68507dcebdaaa889eb2e3d05a512913a27d

  • SSDEEP

    12288:VVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:MfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks