General

  • Target

    3f696d44b6e6dff8b1a9a67e77ab69e8

  • Size

    1.8MB

  • Sample

    240104-am1b8sdddm

  • MD5

    3f696d44b6e6dff8b1a9a67e77ab69e8

  • SHA1

    2eeb20b7beadc65ff0e3b8c924846c6936aca57a

  • SHA256

    37d39f43cf192655d6810be1d30fb9480d8ec8940ff8965123d237f89d0551de

  • SHA512

    02b7480d535eda595c8fe6f4762e5b96296b2a70d8d195a6661eba4abad773203ac4e73a509ba78b7fe5c29220e89fad337ecfdb8bd63df9a63f44ccd5681111

  • SSDEEP

    12288:YVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1yQ:NfP7fWsK5z9A+WGAW+V5SB6Ct4bnbL

Malware Config

Targets

    • Target

      3f696d44b6e6dff8b1a9a67e77ab69e8

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks