General

  • Target

    1d0dfe8cb5ce6985affa09212965265b

  • Size

    3.5MB

  • Sample

    231230-1ctptaefd9

  • MD5

    1d0dfe8cb5ce6985affa09212965265b

  • SHA1

    5a33907e4a80dc7365994c23cfb9d890d0a6ad34

  • SHA256

    7451c36c889f034126cbb112409144e10c76c053846ac31d113f90d48ad96c08

  • SHA512

    ad0b320d1685fb462b76c83b1a9b5c3a753f3d3aff0fae073b0964b5ccfba388553ba48c9e3558900622308233d26c6330b9957d23a6921e419f93330870eb87

  • SSDEEP

    12288:aVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1W6QC:HfP7fWsK5z9A+WGAW+V5SB6Ct4bnb/

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks