General

  • Target

    1148c244776cff187360131fd499ba07

  • Size

    1.4MB

  • Sample

    231230-hfrqhsgbb3

  • MD5

    1148c244776cff187360131fd499ba07

  • SHA1

    6f4fc133789b89c850529e7258ad570226f4ebff

  • SHA256

    2505158abb338e29bf14bddbe3f0c9f18fbfc4ad163804733ef7b50c288a2798

  • SHA512

    2d4cc99400a8b348f06a01e0f9e3c7d9dce9820ef32c6afd54002dba68b43a9b453615f0945c8cb41a28c94657f2cb76f074cd97ca01a54849e3b498c96946be

  • SSDEEP

    12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
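
The hash set above is the primary way to confirm that a file on your own disk is the sample this report describes. The script below is an added example, not part of the original report or of the sandbox's tooling: it streams a file through all four algorithms in one pass, compares the result with the indicators copied from the "General" section, and refuses to call a file "the sample" on an MD5 or SHA-1 match alone. It uses only the Python standard library, so the SSDEEP fuzzy hash is not covered (ssdeep needs a third-party binding).

```python
"""Check a file against the hash indicators published in the report above.

Added example, not the report's or the sandbox's own code. Standard library
only, so the SSDEEP fuzzy hash is not covered. Indicator values are copied
from the report's "General" section.
"""
import hashlib
import sys
from typing import Dict, Iterable

REPORT_IOC: Dict[str, str] = {
    "md5": "1148c244776cff187360131fd499ba07",
    "sha1": "6f4fc133789b89c850529e7258ad570226f4ebff",
    "sha256": "2505158abb338e29bf14bddbe3f0c9f18fbfc4ad163804733ef7b50c288a2798",
    "sha512": "2d4cc99400a8b348f06a01e0f9e3c7d9dce9820ef32c6afd54002dba68b43a9b"
              "453615f0945c8cb41a28c94657f2cb76f074cd97ca01a54849e3b498c96946be",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
CHUNK = 1 << 20  # 1 MiB read size; the reported sample is 1.4 MB, so two reads


def _digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Run every algorithm over the same byte stream in a single pass."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compute_digests(data: bytes) -> Dict[str, str]:
    """Digests of an in-memory blob (the tests feed constructed input here)."""
    return _digest_chunks(data[i:i + CHUNK] for i in range(0, len(data), CHUNK))


def hash_file(path: str) -> Dict[str, str]:
    """Stream a file from disk so a large sample is never held whole in memory."""
    with open(path, "rb") as fh:
        return _digest_chunks(iter(lambda: fh.read(CHUNK), b""))


def match_ioc(digests: Dict[str, str], ioc: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm verdict; hex strings are compared case-insensitively."""
    return {name: digests[name].lower() == ioc[name].lower()
            for name in ALGORITHMS if name in ioc and name in digests}


def is_known_sample(digests: Dict[str, str], ioc: Dict[str, str]) -> bool:
    """Accept the file as the reported sample only on a SHA-256 match.

    MD5 and SHA-1 stay in the IOC set for cross-referencing other feeds, but
    both have practical collision attacks, so a lone MD5/SHA-1 hit is not
    enough to identify a file."""
    return match_ioc(digests, ioc).get("sha256", False)


def partial_match(digests: Dict[str, str], ioc: Dict[str, str]) -> bool:
    """Some algorithms agree and others do not: either the report carries a
    copy error or the file was built to collide on the weaker hash. Either
    way it needs a manual look rather than an automatic verdict."""
    hits = list(match_ioc(digests, ioc).values())
    return any(hits) and not all(hits)


if __name__ == "__main__":
    d = hash_file(sys.argv[1])
    for name in ALGORITHMS:
        state = "match" if d[name] == REPORT_IOC[name] else "differ"
        print(f"{name:7} {d[name]}  {state}")
    print("known sample" if is_known_sample(d, REPORT_IOC) else "not the reported sample")
    if partial_match(d, REPORT_IOC):
        print("warning: algorithms disagree with each other; inspect manually")
```

Run it as `python check_hashes.py suspicious.bin`. The per-algorithm table is what you paste into a ticket; the final verdict is driven by SHA-256 only.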

Malware Config

Targets

    • Target

      1148c244776cff187360131fd499ba07

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks