General

  • Target

    52921a3e103fd1c2ff41ad9c8626052c

  • Size

    1.7MB

  • Sample

    240111-fdpf9sffe8

  • MD5

    52921a3e103fd1c2ff41ad9c8626052c

  • SHA1

    8683504aec740b98f66e7c4ff74e9aea709361fc

  • SHA256

    8d32c506d16586935ad634dccef4012f5b280e355aeea78e563fc24fda21a6f7

  • SHA512

    09a6272dfd1468616fe14fde6b45f3d92b53b087b716116c7b52ea338c6947f6fb4e266cb62b4f6f57df49709b9dfd05441789bddec2a3e60eafffcdd911565f

  • SSDEEP

    12288:wVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:1fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      52921a3e103fd1c2ff41ad9c8626052c

    • Size

      1.7MB

    • MD5

      52921a3e103fd1c2ff41ad9c8626052c

    • SHA1

      8683504aec740b98f66e7c4ff74e9aea709361fc

    • SHA256

      8d32c506d16586935ad634dccef4012f5b280e355aeea78e563fc24fda21a6f7

    • SHA512

      09a6272dfd1468616fe14fde6b45f3d92b53b087b716116c7b52ea338c6947f6fb4e266cb62b4f6f57df49709b9dfd05441789bddec2a3e60eafffcdd911565f

    • SSDEEP

      12288:wVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:1fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks