General

  • Target

    10e0923a9df7e76e9ca30923dceca843

  • Size

    1.5MB

  • Sample

    231230-g2n13sddh9

  • MD5

    10e0923a9df7e76e9ca30923dceca843

  • SHA1

    93aa6ac54ded54f4be6770ab2b65091f9e09a2ed

  • SHA256

    11b7a4d4ceb03cce0efcd4fd1a3f314b99f30971d4a2aebbd6086f44dfb68bf5

  • SHA512

    80c54e9d85f532b44af4ad26cc429faaefd04a3224a6cee86e80610cd58cc02fbde2902831207e1e2a40e56f28b28be9eb83b418ab0769b5d3324805523f29aa

  • SSDEEP

    12288:MVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:5fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      10e0923a9df7e76e9ca30923dceca843

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
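
A behavioural check for the signatures listed above, as an added example that is not the sandbox's own signature engine. It parses sandbox-style process, file and registry events (the pipe-separated line format is an assumption, and every sample line is constructed for this example), then flags the same behaviours scoped to the sample's process tree, so that explorer.exe writing its own Run value is not attributed to the sample. The memory-scan signature "Dridex Shellcode" is approximated by a write into explorer.exe, because the report does not give the payload pattern the scan would need.

```python
"""Behavioural triage over sandbox-style events for the signatures in this report.

Added example; not the sandbox's own signature engine. Assumed event format:
    pid|image|op|target[|detail]
one event per line, '#' lines are comments, detail = child pid for ProcessCreate.
"""
import re

# Autostart locations behind "Adds Run key to start application".
RUN_KEY_RE = re.compile(
    r"\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$",
    re.IGNORECASE,
)
# The value a sample reads to learn whether UAC is enabled.
UAC_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA$",
    re.IGNORECASE,
)
EXPLORER_RE = re.compile(r"(?:^|\\)explorer\.exe$", re.IGNORECASE)


def parse_events(text):
    """Parse the assumed pipe-separated format into a list of dicts."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split("|")]
        if len(parts) < 4:
            raise ValueError(f"malformed event: {line!r}")
        pid, image, op, target = parts[:4]
        detail = parts[4] if len(parts) > 4 else ""
        events.append({"pid": int(pid), "image": image, "op": op,
                       "target": target, "detail": detail})
    return events


def triage(events, sample_pid):
    """Return {signature name: [evidence]} for events inside the sample's process tree."""
    tree = {sample_pid}   # the sample plus every process it (transitively) starts
    dropped = set()       # files written by the tree: later use of them is "dropped" activity
    hits = {}

    def hit(name, ev):
        hits.setdefault(name, []).append(f"{ev['op']} {ev['target']}")

    for ev in events:
        if ev["pid"] not in tree:
            continue  # activity of unrelated processes is never the sample's
        op, target = ev["op"], ev["target"]
        if op == "FileWrite":
            dropped.add(target.lower())
        elif op == "ProcessCreate":
            if target.lower() in dropped:
                hit("Executes dropped EXE", ev)
            if ev["detail"].isdigit():
                tree.add(int(ev["detail"]))  # follow the child into the tree
        elif op == "ImageLoad" and target.lower() in dropped:
            hit("Loads dropped DLL", ev)
        elif op == "RegSetValue" and RUN_KEY_RE.search(target):
            hit("Adds Run key to start application", ev)
        elif op == "RegQueryValue" and UAC_KEY_RE.search(target):
            hit("Checks whether UAC is enabled", ev)
        elif op in ("WriteProcessMemory", "CreateRemoteThread") and EXPLORER_RE.search(target):
            # Behavioural proxy for the "Dridex Shellcode" memory-scan signature;
            # the real scan needs the payload pattern, which the report does not list.
            hit("Writes into Explorer process", ev)
    return hits


# Constructed events for this example; not taken from the report.
SAMPLE_EVENTS = r"""
# pid|image|op|target[|detail]
1234|C:\sample\10e0923a9df7e76e9ca30923dceca843.exe|RegQueryValue|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
1234|C:\sample\10e0923a9df7e76e9ca30923dceca843.exe|FileWrite|C:\Users\Admin\AppData\Roaming\svchost.exe
1234|C:\sample\10e0923a9df7e76e9ca30923dceca843.exe|FileWrite|C:\Users\Admin\AppData\Roaming\helper.dll
1234|C:\sample\10e0923a9df7e76e9ca30923dceca843.exe|RegSetValue|HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater|C:\Users\Admin\AppData\Roaming\svchost.exe
1234|C:\sample\10e0923a9df7e76e9ca30923dceca843.exe|ProcessCreate|C:\Users\Admin\AppData\Roaming\svchost.exe|5678
5678|C:\Users\Admin\AppData\Roaming\svchost.exe|ImageLoad|C:\Users\Admin\AppData\Roaming\helper.dll
5678|C:\Users\Admin\AppData\Roaming\svchost.exe|WriteProcessMemory|C:\Windows\explorer.exe
4321|C:\Windows\explorer.exe|RegSetValue|HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive|C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
"""


def triage_sample():
    """Run the triage over the constructed events with pid 1234 as the sample."""
    return triage(parse_events(SAMPLE_EVENTS), sample_pid=1234)


if __name__ == "__main__":
    for name, evidence in sorted(triage_sample().items()):
        print(f"[+] {name}")
        for line in evidence:
            print(f"      {line}")
```

The tree scoping is the part worth keeping when adapting this to real sandbox output: the last constructed event is explorer.exe writing its own Run value, and it is correctly ignored because pid 4321 was never started by the sample.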

MITRE ATT&CK Enterprise v15

Tasks