General

  • Target: 3644686431d56a0d0ea6ba5a3192f266
  • Size: 2.3MB
  • Sample: 231231-pqzmfahagn
  • MD5: 3644686431d56a0d0ea6ba5a3192f266
  • SHA1: e1229e88f9698275f5406b783540b4756aec1df9
  • SHA256: 5605ec07c6ea613c100f2ffc1826c312358df6dff2362b5c7877fc99f5ba901d
  • SHA512: 3ed5d4fa09c75ea51aba0601d05777c988d624682fdcd7a7e8dc20773ac34359c30cfccf5fc880ad3226686292052c0d1b071e8afda51ac45974bd0c7ada2114
  • SSDEEP: 12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1F:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnbF

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15