General

  • Target

    14c1ebb77518e40dfd55948e33030b1a

  • Size

    1.5MB

  • Sample

    231230-lntrmaafcj

  • MD5

    14c1ebb77518e40dfd55948e33030b1a

  • SHA1

    39cf759762be68d62f85d6a676ed146061bccb77

  • SHA256

    8ebd61a2a0c4892b5c8cd12bfe9e461fc9b289d20450e3d93291fb0e4ab146f4

  • SHA512

    5e5df9538e6b1a3e56505c270e29800d119a89d2d6e1e9b30ae1c1cbf5408d1b71614f63fb8cb9939c0aeb9ff0cd1c2186f21b1399e9652a7df95493c57a7d50

  • SSDEEP

    12288:xVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:AfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks