General

  • Target

    33706acbd1f245fe707ff6b8e05edfc7

  • Size

    3.2MB

  • Sample

    231231-m327zshcdm

  • MD5

    33706acbd1f245fe707ff6b8e05edfc7

  • SHA1

    cb67327ed5e2b943557dcd69ce380860e1667b85

  • SHA256

    c6dbca3b4b4801df42431bcf7334245440b49f8af3e2f66af99dcb110079610f

  • SHA512

    d6029baf03d5b6495f2f0605439b0567f0a7296e20d39d11486911da11696a6c1c3d344cb2c2191f1a687cae41ca0d7bf834c69588c5ce0b348f1a10e770d3d2

  • SSDEEP

    12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      33706acbd1f245fe707ff6b8e05edfc7

    • Size

      3.2MB

    • MD5

      33706acbd1f245fe707ff6b8e05edfc7

    • SHA1

      cb67327ed5e2b943557dcd69ce380860e1667b85

    • SHA256

      c6dbca3b4b4801df42431bcf7334245440b49f8af3e2f66af99dcb110079610f

    • SHA512

      d6029baf03d5b6495f2f0605439b0567f0a7296e20d39d11486911da11696a6c1c3d344cb2c2191f1a687cae41ca0d7bf834c69588c5ce0b348f1a10e770d3d2

    • SSDEEP

      12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks