General

  • Target

    567b6640615b51d0bec09cef9e63851c

  • Size

    3.2MB

  • Sample

    240112-pt9ltafhhn

  • MD5

    567b6640615b51d0bec09cef9e63851c

  • SHA1

    e9b7b9995d0b47dbd486478d6812d9479a4bebc2

  • SHA256

    12cf86267d6157fe1f366c0c3529e1e02aa87e533244d95a662fd1de6d80c52c

  • SHA512

    91ab6925f9843b6a3555c3eae177e3b9d0c0eb7b7b3799dc4e90a8f81ae7151dc7693f58755564b536d5e8b6ba4aef254c31757ec755bc732fea498fbb6fb7d1

  • SSDEEP

    12288:UVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ12t:RfP7fWsK5z9A+WGAW+V5SB6Ct4bnb2t

Malware Config

Targets

    • Target

      567b6640615b51d0bec09cef9e63851c

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
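The behavioural signatures above are the sandbox's own labels; the rule logic behind them is not shown on this page. The following is an added example, not the sandbox's code, that re-derives equivalent hits from a simplified API trace. The trace format (one JSON object per line with pid, image, api and args), the registry paths matched, and every event line are assumptions constructed for illustration; they are not taken from the run of this sample. The Explorer-injection check is a coarse proxy (a cross-process memory write into explorer.exe), not a shellcode pattern match like the "Dridex Shellcode" signature.

```python
import json
import re

# Constructed trace in a hypothetical sandbox log format: one JSON object per
# line. Paths, PIDs and the sequence of calls are illustrative only.
SAMPLE_TRACE = r"""
{"pid": 1234, "image": "C:\\Users\\user\\Desktop\\dropper.exe", "api": "CreateFileW", "args": {"path": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "access": "GENERIC_WRITE"}}
{"pid": 1234, "image": "C:\\Users\\user\\Desktop\\dropper.exe", "api": "CreateFileW", "args": {"path": "C:\\Users\\user\\AppData\\Roaming\\data\\helper.dll", "access": "GENERIC_WRITE"}}
{"pid": 1234, "image": "C:\\Users\\user\\Desktop\\dropper.exe", "api": "CreateProcessW", "args": {"image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "cmdline": "update.exe"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "LoadLibraryW", "args": {"path": "C:\\Users\\user\\AppData\\Roaming\\data\\helper.dll"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "LoadLibraryW", "args": {"path": "C:\\Windows\\System32\\wininet.dll"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "RegSetValueExW", "args": {"key": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "value": "Update", "data": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "RegQueryValueExW", "args": {"key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "value": "EnableLUA"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "OpenProcess", "args": {"target_pid": 1888, "target_image": "C:\\Windows\\explorer.exe"}}
{"pid": 2345, "image": "C:\\Users\\user\\AppData\\Roaming\\data\\update.exe", "api": "WriteProcessMemory", "args": {"target_pid": 1888, "target_image": "C:\\Windows\\explorer.exe", "size": 4096}}
"""

# Autostart locations: the classic HKCU/HKLM ...\CurrentVersion\Run and RunOnce keys.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
# UAC state lives in HKLM\...\Policies\System, value EnableLUA (1 = UAC on).
UAC_KEY_RE = re.compile(r"\\Policies\\System$", re.I)


def parse_trace(text):
    """Parse the line-delimited JSON trace, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect(trace_text):
    """Return {signature_name: [evidence, ...]} for the behaviours seen in the trace.

    'Dropped' files are those the traced processes opened for writing; a later
    CreateProcess or LoadLibrary on such a path yields the corresponding hit.
    """
    dropped = set()
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for ev in parse_trace(trace_text):
        api, a = ev["api"], ev.get("args", {})
        if api in ("CreateFileW", "CreateFileA") and "WRITE" in a.get("access", ""):
            dropped.add(a["path"].lower())
        elif api in ("CreateProcessW", "CreateProcessA"):
            if a["image"].lower() in dropped:
                hit("Executes dropped EXE", a["image"])
        elif api in ("LoadLibraryW", "LoadLibraryA", "LoadLibraryExW", "LoadLibraryExA"):
            if a["path"].lower() in dropped:
                hit("Loads dropped DLL", a["path"])
        elif api.startswith("RegSetValueEx"):
            if RUN_KEY_RE.search(a["key"]):
                hit("Adds Run key to start application",
                    f"{a['key']}\\{a['value']} = {a['data']}")
        elif api.startswith("RegQueryValueEx"):
            if UAC_KEY_RE.search(a["key"]) and a["value"].lower() == "enablelua":
                hit("Checks whether UAC is enabled", f"{a['key']}\\{a['value']}")
        elif api == "WriteProcessMemory":
            if a.get("target_image", "").lower().endswith("\\explorer.exe"):
                hit("Writes into Explorer process memory",
                    f"pid {ev['pid']} -> pid {a['target_pid']} ({a['size']} bytes)")
    return hits


if __name__ == "__main__":
    for name, evidence in detect(SAMPLE_TRACE).items():
        print(name)
        for e in evidence:
            print("   ", e)
```

Matching "dropped" by exact path is deliberately strict: a file written to one path and executed from another (after a move or rename) would be missed unless MoveFile events are also tracked, which is the kind of gap a real sandbox signature has to close.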

MITRE ATT&CK Enterprise v15

Tasks