General

  • Target

    3420758037f4cdbcb617eddc5b353ec7

  • Size

    2.0MB

  • Sample

    231231-ngm2lsdbdk

  • MD5

    3420758037f4cdbcb617eddc5b353ec7

  • SHA1

    59d9443e69f8b745152d76be996e2432a7376535

  • SHA256

    70950fcb136697f2cc9dc560d6beeaff157bb2e504c612a04abba3315392f23d

  • SHA512

    ffcbaa1efac2d015e45b74efee650a1c5df8a46653b9d13a896c9a4f6c2cdaed8651941049f54599cf8bcabe6d30cfc0b3f75a560c5ae321460fdd22e74b5d8d

  • SSDEEP

    12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks