General

  • Target

    387e6d00ac40f6f48e4dc8e37a07de01

  • Size

    1.0MB

  • Sample

    231231-q1r6saefgp

  • MD5

    387e6d00ac40f6f48e4dc8e37a07de01

  • SHA1

    67e1966252ced0939e8bd87f4cec57cb2c15af15

  • SHA256

    6174e8dd79ab1efad1a87d1a47e33a5a24c2354e3747c90f740e9bfa34b5ab62

  • SHA512

    33e47f9fe18f47e09a29f3dd9d31073cd6d50ee02ad91b382a9ca97d71d961baded3fca7a3e99c452dafa30648fdf7ed76b79c76273742525b457bb78dfbcaf1

  • SSDEEP

    12288:ekbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/Rdt:ekbHkWfzZ5adwLNGeStHntqN7v7t

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects the Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks