General

  • Target

    2097c2f618063464714ea21731ffd184

  • Size

    1.5MB

  • Sample

    231230-3t48zsaba9

  • MD5

    2097c2f618063464714ea21731ffd184

  • SHA1

    3d6cbd6f95bafcb89997ee130aae5b8d944e9427

  • SHA256

    5a5f45234e753828244ad1f27ef0e01eabdc9302d542ceb6626308b2652e38ca

  • SHA512

    62bd2b7a172eb62e0e4631f603b958e4f3c1a76f2423f2aac34c91a7a814ef29216c2eef4dbf23c5201e8435c8e1ca04c07af0f0b9a111afcad8affc577deaab

  • SSDEEP

    12288:2VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:rfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks