General

  • Target

    d1abd159b957da8deb5d8d937631c69d

  • Size

    2.9MB

  • Sample

    231222-sgqvqahcf4

  • MD5

    d1abd159b957da8deb5d8d937631c69d

  • SHA1

    8025881c55d50918b98842d6570b8e39c2d5e035

  • SHA256

    361afd2ae5582ef034e0061fe2319f6d781d2011ddf7fd11eb07a8935c307924

  • SHA512

    b94eb8f33eed9132369f5099a358a06a0a23eb237ca9845f98a510e2d00b14a3f7130902a66dbd54fccdaba6f153eee7472b7cef2949d2857c4d0b14d4d8e582

  • SSDEEP

    12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      d1abd159b957da8deb5d8d937631c69d

    • Size

      2.9MB

    • MD5

      d1abd159b957da8deb5d8d937631c69d

    • SHA1

      8025881c55d50918b98842d6570b8e39c2d5e035

    • SHA256

      361afd2ae5582ef034e0061fe2319f6d781d2011ddf7fd11eb07a8935c307924

    • SHA512

      b94eb8f33eed9132369f5099a358a06a0a23eb237ca9845f98a510e2d00b14a3f7130902a66dbd54fccdaba6f153eee7472b7cef2949d2857c4d0b14d4d8e582

    • SSDEEP

      12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks