General

  • Target

    5274829dfdbd08c8f993a4a31d3d6073

  • Size

    852KB

  • Sample

    240111-eebfcseaem

  • MD5

    5274829dfdbd08c8f993a4a31d3d6073

  • SHA1

    a4f07ed425b1a4002efee120f3aacdc18f2e4e2b

  • SHA256

    14906c032956bed15a33083266a615ff7d5b24d84f0dbc36c3e245a3e46ac500

  • SHA512

    d65c192609e4d7c643b0305901c94188245b18e87d9417068c937a5b569bb913264590e37a0da00c96d8ce3640e2a5f040f9ed771c966551fe3febdd7d70fe2a

  • SSDEEP

    12288:hkbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/R:hkbHkWfzZ5adwLNGeStHntqN7v

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15