General

  • Target

    194af32adc20c2bef3623169a2afef69

  • Size

    1.4MB

  • Sample

    231230-p8yg4adcaj

  • MD5

    194af32adc20c2bef3623169a2afef69

  • SHA1

    363ae554fddf3355ac92ff44e30f29445c0dfbb5

  • SHA256

    d71f5fe8f927f07d9e298ea32336ed854624b1e728ef56721f63046885784192

  • SHA512

    b47281f7143f4ad50443c505a85efac4eb1c2c98d498e2a434116cbbc68351ad6930e6fb5b77880201f58c6653c60f31fda2013a43fcfd69d0a3b61bbe1bdfc7

  • SSDEEP

    12288:PVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1j1:mfP7fWsK5z9A+WGAW+V5SB6Ct4bnbj1

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks