General

  • Target

    2f33a8edf003a8639bb2ef9d94cf84a8

  • Size

    2.0MB

  • Sample

    231231-kfyvyahhgm

  • MD5

    2f33a8edf003a8639bb2ef9d94cf84a8

  • SHA1

    479d865fe90f821253705aa24574c7473c3eb3d6

  • SHA256

    303515ef4a29922aed6e868b8420c095b6ed217b6c2e93db5caa8674c1df3910

  • SHA512

    2d60f572e5675ece8c5f215f8303c56dd61e1b338226e252f7578a7488a165e10691ce98212b5793fb08889bcdd9db404b05821d361f1bef6270c770f232e16a

  • SSDEEP

    12288:vVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1Do:GfP7fWsK5z9A+WGAW+V5SB6Ct4bnbD

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks