General

  • Target

    0ad75cdbb6b5e139351fc9bc4b14f396

  • Size

    2.6MB

  • Sample

    231230-cc2hnafahp

  • MD5

    0ad75cdbb6b5e139351fc9bc4b14f396

  • SHA1

    501674d61bb586cb6b5d9f087dc78f100048b179

  • SHA256

    d626dba09486fe91027422c9c8a6cbaa913554be9d047c1cf39bcb961bb2a019

  • SHA512

    601ddedf46edc317b128d0dd8f4ef0a3afa6830446360fe0ef19016d3655bcd8e925251bbec0839d0c658a15b2cda5a452e35c74dd8daf2e425aab7758490851

  • SSDEEP

    12288:AVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
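
Before working with a copy of this sample, confirm it is the file the report describes. The block below is an added example, not part of the report or the sandbox's own tooling: it takes the MD5/SHA1/SHA256/SHA512 values from the General section above and hashes a local file in a single pass. The path passed to `verify_file()` is an assumption (wherever the sample was saved). SSDEEP is not checked because fuzzy hashing is not in the standard library.

```python
"""Check a local copy of the sample against the digests in this report.

Added example, not part of the report or the sandbox's own tooling.
The hash values are copied from the General section; the file path
passed to verify_file() is an assumption (wherever the sample was saved).
"""
import hashlib
import io

# Digests copied from the report (hex). SSDEEP is omitted: hashlib has no
# fuzzy hashing and the ssdeep binding is not in the standard library.
REPORT_HASHES = {
    "md5": "0ad75cdbb6b5e139351fc9bc4b14f396",
    "sha1": "501674d61bb586cb6b5d9f087dc78f100048b179",
    "sha256": "d626dba09486fe91027422c9c8a6cbaa913554be9d047c1cf39bcb961bb2a019",
    "sha512": ("601ddedf46edc317b128d0dd8f4ef0a3afa6830446360fe0ef19016d3655bcd8"
               "e925251bbec0839d0c658a15b2cda5a452e35c74dd8daf2e425aab7758490851"),
}


def digest_stream(stream, algorithms, chunk_size=1 << 20):
    """Hash a binary stream once, feeding every requested algorithm per chunk."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    size = 0
    for block in iter(lambda: stream.read(chunk_size), b""):
        size += len(block)
        for h in hashers.values():
            h.update(block)
    return size, {name: h.hexdigest() for name, h in hashers.items()}


def verify_stream(stream, expected=REPORT_HASHES):
    """Return (all_match, mismatches, size).

    mismatches maps algorithm -> (expected, actual) for every digest that
    differs; an empty dict means the stream is the reported sample.
    """
    size, actual = digest_stream(stream, tuple(expected))
    mismatches = {
        name: (want.lower(), actual[name])
        for name, want in expected.items()
        if actual[name] != want.lower()
    }
    return not mismatches, mismatches, size


def verify_bytes(data, expected=REPORT_HASHES):
    """Convenience wrapper for in-memory data (small files, tests)."""
    return verify_stream(io.BytesIO(data), expected)


def verify_file(path, expected=REPORT_HASHES):
    """Hash the file at `path` (assumed location of the sample) and compare."""
    with open(path, "rb") as f:
        return verify_stream(f, expected)


if __name__ == "__main__":
    import sys
    ok, bad, size = verify_file(sys.argv[1])
    print(f"{size} bytes, {'MATCH' if ok else 'MISMATCH'}")
    for name, (want, got) in bad.items():
        print(f"  {name}: expected {want} got {got}")
```

All four digests are compared rather than SHA256 alone so that a report whose MD5 was copied correctly but whose SHA256 was truncated still fails loudly; any single mismatch means you are not looking at the analysed file.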

Targets

    • Target

      0ad75cdbb6b5e139351fc9bc4b14f396

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
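
The behavioural signatures above (dropped EXE executed, dropped DLL loaded, Run key added, UAC state queried) can be re-derived from a process trace. The block below is an added example, not the sandbox's own rule code: the flat-dict event schema and SAMPLE_TRACE are constructed for illustration, and only the registry paths are the real Windows locations. The remote-thread check stands in for "shellcode injected in the Explorer process" in a generic way; it does not replicate the byte-pattern match behind the Dridex Shellcode rule.

```python
"""Re-derive the behavioural signatures in this report from a process trace.

Added example, not the sandbox's own rule code. The event schema (flat
dicts) and SAMPLE_TRACE are constructed for illustration; the registry
paths are the real Windows locations. The remote-thread check is a generic
stand-in for "shellcode injected in Explorer", not the report's
byte-pattern match on the Dridex payload.
"""
import re

# HKCU/HKLM ...\Software\Microsoft\Windows\CurrentVersion\Run or RunOnce
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, value EnableLUA
UAC_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I)

SIG_RUN_KEY = "Adds Run key to start application"
SIG_UAC = "Checks whether UAC is enabled"
SIG_DROPPED_EXE = "Executes dropped EXE"
SIG_DROPPED_DLL = "Loads dropped DLL"
SIG_INJECT = "Creates remote thread in explorer.exe"


def detect(events):
    """Return the sorted signature names that `events` trigger.

    Event kinds (all constructed for this example):
      file_write     pid, path
      process_create pid, image, parent_pid
      image_load     pid, image
      reg_set        pid, key, name, data
      reg_query      pid, key, name
      remote_thread  pid, target_pid, target_image
    "Dropped" means written by an earlier event in the same trace, so the
    file write must precede the execute/load for the signature to fire.
    """
    dropped = set()
    hits = set()
    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "process_create":
            if ev["image"].lower() in dropped:
                hits.add(SIG_DROPPED_EXE)
        elif kind == "image_load":
            if ev["image"].lower() in dropped:
                hits.add(SIG_DROPPED_DLL)
        elif kind == "reg_set":
            if RUN_KEY_RE.search(ev["key"]):
                hits.add(SIG_RUN_KEY)
        elif kind == "reg_query":
            if UAC_KEY_RE.search(ev["key"]) and ev["name"].lower() == "enablelua":
                hits.add(SIG_UAC)
        elif kind == "remote_thread":
            if ev["target_image"].lower().endswith("\\explorer.exe"):
                hits.add(SIG_INJECT)
    return sorted(hits)


# Constructed trace: a sample drops an EXE and a DLL, runs the EXE, which
# loads the DLL, reads EnableLUA, persists via HKCU Run and injects into
# explorer.exe. File names and PIDs are invented for illustration.
SAMPLE_TRACE = [
    {"type": "process_create", "pid": 100, "parent_pid": 50,
     "image": r"C:\Users\victim\Desktop\0ad75cdbb6b5e139351fc9bc4b14f396.exe"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\dropped.exe"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Roaming\helper.dll"},
    {"type": "process_create", "pid": 200, "parent_pid": 100,
     "image": r"C:\Users\victim\AppData\Local\Temp\dropped.exe"},
    {"type": "image_load", "pid": 200, "image": r"C:\Users\victim\AppData\Roaming\helper.dll"},
    {"type": "reg_query", "pid": 200, "name": "EnableLUA",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"type": "reg_set", "pid": 200, "name": "dropped",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "data": r"C:\Users\victim\AppData\Local\Temp\dropped.exe"},
    {"type": "remote_thread", "pid": 200, "target_pid": 300, "target_image": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for sig in detect(SAMPLE_TRACE):
        print(sig)
```

The "dropped" checks are deliberately order-sensitive: a file that is executed before any write event in the trace is just a pre-existing binary, which is why the rule keys on paths written earlier by the same trace rather than on the directory (Temp, AppData) alone.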

MITRE ATT&CK Enterprise v15