General

  • Target

    3551e408b63d63ba44de0472ae520894

  • Size

    2.0MB

  • Sample

    231231-n5bngsbhcm

  • MD5

    3551e408b63d63ba44de0472ae520894

  • SHA1

    d7ccba23c63c10235627924303a0bb2e64dd8968

  • SHA256

    2441f536cb83b0623634ba6b3facec137755ff6ada263c065d12ff527da7b087

  • SHA512

    352c0c0e22f022b4d07e80cc6e63ebae957cb14dd74ec7918e7397607438116c124045c89e41b96e3fa8f9990ccf49ec1b3aa1d89afe77321213ab97435a634f

  • SSDEEP

    12288:zVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1+t:ifP7fWsK5z9A+WGAW+V5SB6Ct4bnb+t

Malware Config

Targets

    • Target

      3551e408b63d63ba44de0472ae520894

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks