General

  • Target

    13d90e1b8ddda68fa897813f073ba521

  • Size

    728KB

  • Sample

    231230-kvlh6addhk

  • MD5

    13d90e1b8ddda68fa897813f073ba521

  • SHA1

    1b77425636c15aa9fd74c6ecf5dfc67e6888180a

  • SHA256

    45fe64048c39ba964359cc11aed7e5da0bcac95115eebfafad445e548246b8fc

  • SHA512

    55cb7261e97e0b7795b49b9707d680dad4799cfff9ea629912cfb80b6e2411133ddba4c2d82ae78c4bdad7047b7d1430dda71a266bbcb4320f7ec02f6c193d6c

  • SSDEEP

    12288:q6BBWGJW6eC85Df97+yXUj7SncCxj8iHGo59S1WQSCtEdFO7YKJf6:q6BQBjlc728jo7S1bl6FbK

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks