General

  • Target

    0a293f11653fb849f05ffb34c99c012a

  • Size

    1.5MB

  • Sample

    231230-bx7pqsbaar

  • MD5

    0a293f11653fb849f05ffb34c99c012a

  • SHA1

    77fa77a008df26ae31d319505e913356df5f21a3

  • SHA256

    2e85cf7c646f5ce7b1beacd5a0934cdc15a3b1a20f08035ebf9bb1c4b193ddec

  • SHA512

    2dc378ebc567a6cc0ee8af0c6ad1ff87daa9a0a5f8f02d11efd44a82414752e09f52c345e8a3b831a206731dcce7bbc9dbb81526f2edc0fec2fb3c1f351f48bd

  • SSDEEP

    12288:+VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:jfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      0a293f11653fb849f05ffb34c99c012a

    • Size

      1.5MB

    • MD5

      0a293f11653fb849f05ffb34c99c012a

    • SHA1

      77fa77a008df26ae31d319505e913356df5f21a3

    • SHA256

      2e85cf7c646f5ce7b1beacd5a0934cdc15a3b1a20f08035ebf9bb1c4b193ddec

    • SHA512

      2dc378ebc567a6cc0ee8af0c6ad1ff87daa9a0a5f8f02d11efd44a82414752e09f52c345e8a3b831a206731dcce7bbc9dbb81526f2edc0fec2fb3c1f351f48bd

    • SSDEEP

      12288:+VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:jfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks