General

  • Target

    431fd3c7422063241701cfc315eb2bf2

  • Size

    2.2MB

  • Sample

    240105-jfwj5sgeg2

  • MD5

    431fd3c7422063241701cfc315eb2bf2

  • SHA1

    498be2215b31f25d06a97b4d17f660bc3ce1e495

  • SHA256

    b0dd5691185e78d04a4e84060c37f4f4ff77cb3c0efe9cae03e19f172e91bd87

  • SHA512

    974ab26211cd1e5228026d8c29050a00cc63c2164869ccdfc2e8873fc952a0ed6ccc1750eaf7773fcc264fd5ea098d4946824d66a12185a2a65e729fadfe4e3b

  • SSDEEP

    12288:aVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1p:HfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks