General

  • Target

    23666b8a1e9a9674de55a37457ac8150

  • Size

    3.5MB

  • Sample

    231231-b9tzeabcg5

  • MD5

    23666b8a1e9a9674de55a37457ac8150

  • SHA1

    27a966e4be722a405f97d3ae12b23d8ecdd1ab94

  • SHA256

    4ddc4eaf33d9c98a9c6a13f96188cf2b1867f42952da56d362e7988585900752

  • SHA512

    6138506d5827f3e754e73574794f5b43b1ca5412369a730f79835b99d60c20000ed73f119fe005ef8db02136e97cb1f3e527bd48fd452f356567d7ed1aadf9e9

  • SSDEEP

    12288:XVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:efP7fWsK5z9A+WGAW+V5SB6Ct4bnb
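
The digests above are the only identity a report like this gives you, so the first thing to do with a sample pulled from quarantine or a share is to confirm it is the same file before reading the behaviour section as applying to it. The following is an added example, not part of the sandbox report or of any vendor tooling: it recomputes MD5, SHA-1, SHA-256 and SHA-512 and compares all four against the values listed. SSDEEP is deliberately not compared, since a fuzzy hash gives a similarity score rather than an identity check and needs the separate `ssdeep` library; the `sample.bin` path in the usage line is an assumption.

```python
"""Verify a sample on disk against the digests published in this report.

Added example; not code from the report or the sandbox vendor.
"""
import hashlib
import hmac
import sys

# Digests copied from the General section above.
REPORT = {
    "md5": "23666b8a1e9a9674de55a37457ac8150",
    "sha1": "27a966e4be722a405f97d3ae12b23d8ecdd1ab94",
    "sha256": "4ddc4eaf33d9c98a9c6a13f96188cf2b1867f42952da56d362e7988585900752",
    "sha512": "6138506d5827f3e754e73574794f5b43b1ca5412369a730f79835b99d60c20000ed73f119fe005ef8db02136e97cb1f3e527bd48fd452f356567d7ed1aadf9e9",
}


def digests_from_chunks(chunks) -> dict:
    """Feed an iterable of byte chunks through every algorithm in REPORT at once.

    One pass over the data, four hashers: a 3.5 MB file is small, but the same
    routine works unchanged for a multi-gigabyte disk image.
    """
    hashers = {name: hashlib.new(name) for name in REPORT}
    for block in chunks:
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory buffer."""
    return digests_from_chunks([data])


def digests_of_file(path: str, chunk: int = 1 << 20) -> dict:
    """Stream a file from disk in 1 MiB chunks so it is never read whole."""
    with open(path, "rb") as fh:
        return digests_from_chunks(iter(lambda: fh.read(chunk), b""))


def compare(actual: dict, expected: dict) -> dict:
    """Per-algorithm verdict. Comparison is case-insensitive on the expected side,
    because reports and tickets mix upper- and lower-case hex."""
    return {
        name: hmac.compare_digest(actual[name], expected[name].lower())
        for name in expected
    }


def matches_report(actual: dict, expected: dict = REPORT) -> bool:
    """True only when every listed digest agrees; a single mismatch is a different file."""
    return all(compare(actual, expected).values())


if __name__ == "__main__":
    # Assumed usage: python verify_sample.py sample.bin
    path = sys.argv[1] if len(sys.argv) > 1 else "sample.bin"
    found = digests_of_file(path)
    for name, ok in compare(found, REPORT).items():
        print(f"{name:7} {'match' if ok else 'MISMATCH'}  {found[name]}")
    sys.exit(0 if matches_report(found) else 1)
```

A mismatch on one algorithm with matches on the others should never happen for the same bytes; if you see it, the report you are reading was transcribed by hand and the odd value is the typo, not the file.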

Malware Config

Targets

    • Target

      23666b8a1e9a9674de55a37457ac8150

    • Size

      3.5MB

    • MD5

      23666b8a1e9a9674de55a37457ac8150

    • SHA1

      27a966e4be722a405f97d3ae12b23d8ecdd1ab94

    • SHA256

      4ddc4eaf33d9c98a9c6a13f96188cf2b1867f42952da56d362e7988585900752

    • SHA512

      6138506d5827f3e754e73574794f5b43b1ca5412369a730f79835b99d60c20000ed73f119fe005ef8db02136e97cb1f3e527bd48fd452f356567d7ed1aadf9e9

    • SSDEEP

      12288:XVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:efP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
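
Two of the signatures above, the Run key written for persistence and the read of the UAC setting, leave traces an incident responder can check on a suspect host without running anything on it. The following is an added example, not part of the sandbox report: it parses a `reg export` (.reg) text rather than querying a live registry, so it runs on an analyst workstation against an export collected from the host. It lists Run-key entries whose executable sits in a user-writable directory and reads `EnableLUA`, the value under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` that records whether UAC is on. The export text, the `RUN_KEYS` list and the user-writable path heuristic are constructed assumptions for illustration; the report does not say which key the sample wrote or how it performed its UAC check.

```python
"""Offline triage of Run-key persistence and the UAC (EnableLUA) setting
from a .reg export. Added example; not code from the report or its vendor.
"""
import re

# Assumed: the two standard per-user and per-machine Run keys.
RUN_KEYS = (
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)
UAC_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
# Heuristic: directories a non-admin user can write to. An autostart launching
# from here is worth a look, but legitimate updaters live here too.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")

# Constructed export for illustration (not from a real host).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"SysHelper"="C:\\Users\\alice\\AppData\\Roaming\\SysHelper\\svchost.exe"
"SecurityHealth"="C:\\Windows\\system32\\SecurityHealthSystray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000
"ConsentPromptBehaviorAdmin"=dword:00000005
'''

_KEY_RE = re.compile(r"^\[(.+)\]$")
_VAL_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def _unescape(s: str) -> str:
    """.reg strings escape backslash and double quote with a backslash."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg(text: str) -> dict:
    """Return {key_path: {value_name: value}}.

    REG_SZ strings are unescaped, dword:XXXXXXXX becomes an int, and other
    types (hex:, expand strings) are kept as the raw right-hand side.
    """
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = _KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = _VAL_RE.match(line)
        if not m or current is None:
            continue
        name, raw = _unescape(m.group(1)), m.group(2)
        if raw.startswith('"') and raw.endswith('"'):
            current[name] = _unescape(raw[1:-1])
        elif raw.lower().startswith("dword:"):
            current[name] = int(raw[6:], 16)
        else:
            current[name] = raw
    return keys


def _exe_path(cmd: str) -> str:
    """First token of a command line: the quoted path, or text up to the first space."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split(" ", 1)[0]


def suspicious_run_entries(keys: dict) -> list:
    """(key, value name, lowercase exe path) for Run entries in user-writable dirs."""
    hits = []
    for key in RUN_KEYS:
        for name, cmd in keys.get(key, {}).items():
            if isinstance(cmd, str):
                path = _exe_path(cmd).lower()
                if any(marker in path for marker in USER_WRITABLE):
                    hits.append((key, name, path))
    return hits


def uac_enabled(keys: dict):
    """True/False from EnableLUA, or None when the export does not contain the key.

    None is not 'disabled': the default on a live host is enabled, but an export
    that was scoped to HKCU simply never saw this HKLM value.
    """
    val = keys.get(UAC_KEY, {}).get("EnableLUA")
    return None if val is None else val != 0


if __name__ == "__main__":
    parsed = parse_reg(SAMPLE_REG)
    print("UAC enabled:", uac_enabled(parsed))
    for key, name, path in suspicious_run_entries(parsed):
        print(f"review: {name!r} -> {path}  ({key})")
```

Both `OneDrive` and `SysHelper` are listed, which is the point of calling the path test a heuristic: it narrows the list to entries that need a human look (signature, prevalence across the fleet, matching hash against the report above), it does not give a verdict. `EnableLUA` of 0 is an audit finding on its own regardless of what the sample does with it.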

MITRE ATT&CK Enterprise v15

Tasks