General

  • Target

    0b44d3630f3bde3a89adb3dbfcd83a68

  • Size

    2.2MB

  • Sample

    231230-cnkz2shgal

  • MD5

    0b44d3630f3bde3a89adb3dbfcd83a68

  • SHA1

    421adb6956f60b03689dc8663e6ab04e1ac24854

  • SHA256

    fb75c71c3a6a1f8d9bcc680521b053e2d6b9b3fbcf29ed86ac5cf01c7ce74d02

  • SHA512

    68c84e082375372172b0734b8039bbe38477bad397944d8ed0ea5101b708e663a284e5ecdc5890f42e9d3715a5b9a50f717edb71c135cbe33c394f7624d6c2f3

  • SSDEEP

    12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1SV8wlf:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb+

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks