General

  • Target

    59182429682bab59597023db50132570

  • Size

    1.5MB

  • Sample

    240113-s45bmacfe2

  • MD5

    59182429682bab59597023db50132570

  • SHA1

    0486793f604d2c9e390cebade88e1820ed399b24

  • SHA256

    9e7442a67c7265bf8c878c9dc5863724f4793a68d07586d35891f3f10df033de

  • SHA512

    3fc15c1ca2058f8ad56601e4133e963b05b255da1ae28e74cfa90a2546aaab4960e9af79b664939d63f7f5d409535b323d77dce70188172566988d49a4d35417

  • SSDEEP

    12288:iVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:/fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks