General

  • Target

    5907e4d84feb9d9245a7c195281c90ad

  • Size

    1.7MB

  • Sample

    240113-sladjabdbk

  • MD5

    5907e4d84feb9d9245a7c195281c90ad

  • SHA1

    bb5f0f3db1b6c32658219814476f55ac4018deb4

  • SHA256

    18402e2faa922b46df90b5ff5b0d0c72147322a35b31991e8dde741f7f89ca59

  • SHA512

    8fadfd6d2cfd44be2a57632acaecd9cd6b4d2f63ce65df07c47d9ff3b791d8d90984f3a62c69b6c2b835dc191c34696c0d4f8b38073c9f8575ede205bbdb5ac2

  • SSDEEP

    12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      5907e4d84feb9d9245a7c195281c90ad

    • Size

      1.7MB

    • MD5

      5907e4d84feb9d9245a7c195281c90ad

    • SHA1

      bb5f0f3db1b6c32658219814476f55ac4018deb4

    • SHA256

      18402e2faa922b46df90b5ff5b0d0c72147322a35b31991e8dde741f7f89ca59

    • SHA512

      8fadfd6d2cfd44be2a57632acaecd9cd6b4d2f63ce65df07c47d9ff3b791d8d90984f3a62c69b6c2b835dc191c34696c0d4f8b38073c9f8575ede205bbdb5ac2

    • SSDEEP

      12288:9VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:kfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
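
    The signatures above (dropped executable, Run-key persistence, UAC check) map to host artifacts a responder can verify directly. The script below is an added triage example, not part of the sandbox report or the Dridex sample; it assumes the SHA256 listed in this report is the indicator to hunt for, that persistence (if any) landed in the standard HKCU/HKLM Run keys, and that the UAC state the sample inspected is the EnableLUA policy value. Scan roots and the size window (around the 1.7MB reported) are assumptions to keep the hash scan fast; widen them on a real engagement.

```powershell
# Added triage example (not from the report). Assumed: SHA256 below is the IOC,
# Run keys are the persistence location, EnableLUA reflects UAC state.
$IocSha256 = '18402e2faa922b46df90b5ff5b0d0c72147322a35b31991e8dde741f7f89ca59'

# 1. Hash hunt in user-writable drop locations (assumed roots; size window ~1.7MB)
$ScanRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC)
$HashHits = foreach ($root in $ScanRoots) {
    Get-ChildItem -Path $root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Length -gt 1MB -and $_.Length -lt 3MB } |
        ForEach-Object {
            $h = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash.ToLower()
            if ($h -eq $IocSha256) { $_.FullName }
        }
}

# 2. Run-key persistence: enumerate every value under the standard Run keys
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
$RunEntries = foreach ($key in $RunKeys) {
    if (Test-Path $key) {
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # skip the PS* provider metadata properties, keep real value names
            if ($p.Name -notmatch '^PS') {
                [pscustomobject]@{ Key = $key; Name = $p.Name; Command = [string]$p.Value }
            }
        }
    }
}
# Flag entries whose command points into a user-writable directory
$UserWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | ForEach-Object { [regex]::Escape($_) }
$SuspiciousRun = $RunEntries | Where-Object {
    $cmd = $_.Command
    ($UserWritable | Where-Object { $cmd -match $_ }).Count -gt 0
}

# 3. UAC state as the sample would see it (EnableLUA: 1 = UAC on, 0 = off)
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$EnableLua = (Get-ItemProperty -Path $UacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA

[pscustomobject]@{
    HashHits        = @($HashHits)
    RunEntriesTotal = @($RunEntries).Count
    SuspiciousRun   = @($SuspiciousRun)
    UacEnabled      = ($EnableLua -eq 1)
} | Format-List
```

Run it from an elevated PowerShell on the suspect host; an empty HashHits with a non-empty SuspiciousRun still warrants pulling the referenced binary, since the dropped EXE the sandbox executed may have been renamed or deleted after the Run key was written. Confirm any hash hit against the MD5/SHA1 values in the report before escalating.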

MITRE ATT&CK Enterprise v15

Tasks