General

  • Target

    0a0e1c280657815796ae1a6bc531b5ae

  • Size

    2.1MB

  • Sample

    231230-bvzaksdae7

  • MD5

    0a0e1c280657815796ae1a6bc531b5ae

  • SHA1

    62f8d40741b995c9fa6aeb603276127432feb5df

  • SHA256

    d26a361401ebe89184426da768ffe65a228680fa72a13e9c29be2c6b40582f17

  • SHA512

    4f0398357ffaf8e4f591d9a18344a4a373d706192e305b031c64bdec83b457e7128f65ed1a4e4f44b75f0e1d5be89cd1f63157a435f2fbda0503db9da55161a7

  • SSDEEP

    12288:oVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1AJo:9fP7fWsK5z9A+WGAW+V5SB6Ct4bnb2

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks