General

  • Target

    38f8f403c494cd304763615d922a67fb

  • Size

    848KB

  • Sample

    231231-ra7dfshefp

  • MD5

    38f8f403c494cd304763615d922a67fb

  • SHA1

    7706587dd4bc348037452e7833c6cd663111f440

  • SHA256

    60df94d0fa102fe714906ec53efafa0308a79d6caf9e8688edc8525123a7b1e3

  • SHA512

    8426cb54939bf66bcda1c537ecd0c574d64e548cbf04e03a38f15c670db0300c856a0ea5876b4c551edcdac8d33b266c6dc8f5f00944ffb1bc6fb796537679f8

  • SSDEEP

    12288:AkbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/R:AkbHkWfzZ5adwLNGeStHntqN7v

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks