General

  • Target

    0905f3b5aa3ee361ef34c75769c6bf03

  • Size

    2.2MB

  • Sample

    231230-a5gylseee6

  • MD5

    0905f3b5aa3ee361ef34c75769c6bf03

  • SHA1

    178a1286da636c1324cc9dd8bd2bb1f6ab9d3300

  • SHA256

    57dc3169be701c4d85f51a5b168e4bfcdf6052661809b35c17d49d7da216ad56

  • SHA512

    f11cf9f6160df388b00de91b1ce33160a2c6087d8d3e8120675381b4d948f49c47b0d796f730e71201e1e62bddf3f9107b6f1253b91543db57070eaaa22a5465

  • SSDEEP

    12288:BVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1FQge:wfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks