General

  • Target

    0e6c4aa853ee3453ab12c34d5765c214

  • Size

    2.3MB

  • Sample

    231230-e2qtkafce3

  • MD5

    0e6c4aa853ee3453ab12c34d5765c214

  • SHA1

    abc5670fe29476ba1661e09aaab8241eeb5b81ea

  • SHA256

    4ef1d622c0e3482d50044b81e58acfde42d06f478bf31ad98ac9498de77bb957

  • SHA512

    5e4c15ed536007175b32deaea07f26e17b10ae9a4dddb8bd122847138c58c2d2ff57156d28b230c668f24e54586e47aba07d77498bc1f0ed2ae86aa2138497f2

  • SSDEEP

    12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      0e6c4aa853ee3453ab12c34d5765c214

    • Size

      2.3MB

    • MD5

      0e6c4aa853ee3453ab12c34d5765c214

    • SHA1

      abc5670fe29476ba1661e09aaab8241eeb5b81ea

    • SHA256

      4ef1d622c0e3482d50044b81e58acfde42d06f478bf31ad98ac9498de77bb957

    • SHA512

      5e4c15ed536007175b32deaea07f26e17b10ae9a4dddb8bd122847138c58c2d2ff57156d28b230c668f24e54586e47aba07d77498bc1f0ed2ae86aa2138497f2

    • SSDEEP

      12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks