General

  • Target

    5a1ecc523cd9669823ee738d80c11354

  • Size

    1.8MB

  • Sample

    240114-dprdwscag2

  • MD5

    5a1ecc523cd9669823ee738d80c11354

  • SHA1

    b54364c7d3284eea8630c8f4aa8ab5576756e014

  • SHA256

    4a198d49af2986734fde07ed39cbd59a272a106a0dbdb689381632c54dd3e943

  • SHA512

    58b5c9e5085b4de1507b60ad79c9d455f5b8edd63d99a55265f9967abab9d10597f314931142937302e21f707fdbd605eb4debdab59f944e4fd840cda9684155

  • SSDEEP

    24576:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnbi+t:FDW/e+WG0Vo6CtSnW

Malware Config

Targets

    • Target

      5a1ecc523cd9669823ee738d80c11354

    • Size

      1.8MB

    • MD5

      5a1ecc523cd9669823ee738d80c11354

    • SHA1

      b54364c7d3284eea8630c8f4aa8ab5576756e014

    • SHA256

      4a198d49af2986734fde07ed39cbd59a272a106a0dbdb689381632c54dd3e943

    • SHA512

      58b5c9e5085b4de1507b60ad79c9d455f5b8edd63d99a55265f9967abab9d10597f314931142937302e21f707fdbd605eb4debdab59f944e4fd840cda9684155

    • SSDEEP

      24576:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnbi+t:FDW/e+WG0Vo6CtSnW

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks