General

  • Target

    5689bc1799d6324ca7c8aead7a4b0f34

  • Size

    2.0MB

  • Sample

    240112-qbcpsshbg3

  • MD5

    5689bc1799d6324ca7c8aead7a4b0f34

  • SHA1

    7ba0cd53a375acd18c2a6e01efa73c4e262c8585

  • SHA256

    141e7ca0ad5ce84c3512ed3ab9a60b4c009d42d3540312afde2f897d543dbeb3

  • SHA512

    abfe06cfcd653d4d6fdf418724c81e62920f84d771e22e0c0c3a2c06887ca278b05d1c9d18deedcb43b718e54a857a3ec1534205811f0c29f5699620ab051fa7

  • SSDEEP

    12288:vVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:GfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks