General

  • Target

    5ab3a26ab9b178665740719760c62482

  • Size

    3.2MB

  • Sample

    240114-jrytmseehp

  • MD5

    5ab3a26ab9b178665740719760c62482

  • SHA1

    d731eaf8f28537b4e202c38cbd963c044ef38766

  • SHA256

    dea4513f530057a8e6f063f761dd1f3904cc8248887bb383ab6a2d836b987d50

  • SHA512

    641b79677733ae3fd50d58061952f9858df2ccba2ff7ac9839a504d21ef81880891c9546b6f95fa84e737b24b7c58f737a7b5df8abcb28d6a4c2fd2e7ac03931

  • SSDEEP

    12288:sVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ZfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks