General

  • Target

    1e4195789cfec8640760ab9219a179b8

  • Size

    1.4MB

  • Sample

    231230-18gp5adcb4

  • MD5

    1e4195789cfec8640760ab9219a179b8

  • SHA1

    6f28dde45d6b3e96f451eec415d9fc9f9c77a34b

  • SHA256

    4ebf20e816e316113b4d297346f800c5fb027befcd97ac1f696a8aeea1f16421

  • SHA512

    9bbf2973d27ee40b6d4005b21434c74595fb5559fefbf899251d6f276a1b27a83165a694796c55e1024db4268eddf6a218f48e3b43ef9c55dd780656eb0496fd

  • SSDEEP

    12288:gVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:FfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      1e4195789cfec8640760ab9219a179b8

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks