General

  • Target

    35074d79a34cd964a2e31d39fd7a40b8

  • Size

    1.8MB

  • Sample

    231231-ny6kaaacek

  • MD5

    35074d79a34cd964a2e31d39fd7a40b8

  • SHA1

    857300d2a5dda7750d2ea0e65b39f15ee780e9a0

  • SHA256

    325fa79a384585c0d5b4337c0f4a84dc3fb7cb1ec7f50f386478a7831ef120fc

  • SHA512

    e2ff3d0a448ad777c6dfb126b9d224e72a6e0f21236fc47a8c6bd851e24ab262ca3623b6b696b0a1e5f622eb379bd19316dc48ce6866be146e4a52268df9fdd9

  • SSDEEP

    12288:yVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:vfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks