General

  • Target

    23f9d2ae51af5c55ef51d26821cc73bb

  • Size

    2.8MB

  • Sample

    231231-ck5kaaefd4

  • MD5

    23f9d2ae51af5c55ef51d26821cc73bb

  • SHA1

    b51f95995300d0a8c9dd7a076e2bc506436fc0d3

  • SHA256

    d47a15f7fcfebfac9cd8e6613d618624b4ab1de7e052026b9b7ff566827f26ac

  • SHA512

    9b9b8283cddab02188825d3d43d9e60bbc5aa8e4d7b4e1ea10fcae7146116fdbd7c4cfc62439897a2231f5b4ad3ed68ab2584465d6fb44284193d9b29d0db215

  • SSDEEP

    12288:iVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1ZFre:/fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
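
The "Adds Run key to start application" signature above corresponds to a registry write under a `CurrentVersion\Run`-style key, which is the kind of event a host-based detection can catch independently of the sandbox. The following is an added example, not part of the sandbox report or of any Dridex analysis: it scans constructed, simplified Sysmon Event ID 13 (RegistryEvent SetValue) records for Run/RunOnce persistence and raises the severity when either the writing process or the registered binary lives in a user-writable directory. The record layout (`key=value` pairs joined by `|`), the sample paths and the SID are all assumptions made for the example.

```python
import re
from typing import Dict, List

# Constructed, simplified Sysmon records in 'k=v|k=v' form. Illustrative only;
# none of these paths or SIDs come from the sandbox report above.
SAMPLE_EVENTS = [
    "EventID=13|Image=C:\\Users\\user\\AppData\\Local\\Temp\\23f9d2ae51af5c55ef51d26821cc73bb.exe"
    "|TargetObject=HKU\\S-1-5-21-1111\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"
    "|Details=C:\\Users\\user\\AppData\\Roaming\\upd.exe",
    "EventID=13|Image=C:\\Windows\\explorer.exe"
    "|TargetObject=HKU\\S-1-5-21-1111\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden"
    "|Details=DWORD (0x00000001)",
    "EventID=13|Image=C:\\Windows\\System32\\svchost.exe"
    "|TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce\\Setup"
    "|Details=C:\\Program Files\\Vendor\\setup.exe",
    "EventID=11|Image=C:\\Users\\user\\AppData\\Local\\Temp\\23f9d2ae51af5c55ef51d26821cc73bb.exe"
    "|TargetFilename=C:\\Users\\user\\AppData\\Roaming\\upd.exe",
]

# Matches the autostart keys and captures the value name written under them.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\"
    r"(?P<key>Run|RunOnce|RunServices|RunServicesOnce)\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)

# Locations an unprivileged user can write to. A Run entry that points here, or that
# is written by a binary running from here, is the malware pattern rather than a
# legitimate installer.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.IGNORECASE
)


def parse_event(line: str) -> Dict[str, str]:
    """Split one 'k=v|k=v' record into a dict; split each part on the first '=' only,
    since values such as 'DWORD (0x00000001)' may themselves contain '='."""
    fields: Dict[str, str] = {}
    for part in line.split("|"):
        key, _, value = part.partition("=")
        fields[key] = value
    return fields


def find_run_key_persistence(lines: List[str]) -> List[Dict[str, object]]:
    """Return one finding per SetValue event that creates a Run/RunOnce entry."""
    findings: List[Dict[str, object]] = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "13":
            continue  # only SetValue events can create an autostart entry
        match = RUN_KEY_RE.search(ev.get("TargetObject", ""))
        if not match:
            continue
        image = ev.get("Image", "")
        command = ev.get("Details", "")
        findings.append({
            "image": image,
            "run_key": match.group("key"),
            "value_name": match.group("value"),
            "command": command,
            # Flag when either the writer or the registered binary is in a
            # user-writable path; both are typical of a dropped payload.
            "suspicious": bool(
                USER_WRITABLE_RE.search(command) or USER_WRITABLE_RE.search(image)
            ),
        })
    return findings


if __name__ == "__main__":
    for f in find_run_key_persistence(SAMPLE_EVENTS):
        flag = "SUSPICIOUS" if f["suspicious"] else "review"
        print(f"[{flag}] {f['image']} set {f['run_key']}\\{f['value_name']} = {f['command']}")
```

The second constructed record (Explorer writing its own `Advanced\Hidden` setting) is deliberately included as a benign SetValue to show the key filter rejecting it, and the `RunOnce` write by `svchost.exe` to a `Program Files` path is reported but not flagged, which is the distinction an analyst would want before escalating.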

MITRE ATT&CK Enterprise v15

Tasks