General

  • Target

    1e48aa406f99b4d46aef4b07a2d523a7

  • Size

    1.1MB

  • Sample

    231230-1846esbbfl

  • MD5

    1e48aa406f99b4d46aef4b07a2d523a7

  • SHA1

    f4f6e71b7457c1c417562326c6e38407a504abf3

  • SHA256

    0e8e9f8cf167325c36810a7e2c2bade0a65f572ead4b09f1692a397837f50100

  • SHA512

    2806347ad26c6021089d37dbfd4eb912edb850eb6faf2ac4af187a02342219c497f003ba1f8a5c32d80b3bb098a0894596f42172406029586f2c8587c96cf863

  • SSDEEP

    12288:oVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:9fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks