General

  • Target

    5b0477227cd486be479fcf0d28104d4f

  • Size

    2.0MB

  • Sample

    240114-mnr4gagehk

  • MD5

    5b0477227cd486be479fcf0d28104d4f

  • SHA1

    3447fbbbc6f5c050bfca0443326b7ca1bbf9f9cd

  • SHA256

    e5f7b540565607a2908d166121cb95786039a6cc171035aa14303777b336a560

  • SHA512

    cb95f4db550716cc30e65d223d83eb04c572a36dea4cccb16f775e33bfc86975fcce7d6a0e3b695402a9d78e09c21884927e3ed1837360fabd8b63f52ca23a3a

  • SSDEEP

    12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      5b0477227cd486be479fcf0d28104d4f

    • Size

      2.0MB

    • MD5

      5b0477227cd486be479fcf0d28104d4f

    • SHA1

      3447fbbbc6f5c050bfca0443326b7ca1bbf9f9cd

    • SHA256

      e5f7b540565607a2908d166121cb95786039a6cc171035aa14303777b336a560

    • SHA512

      cb95f4db550716cc30e65d223d83eb04c572a36dea4cccb16f775e33bfc86975fcce7d6a0e3b695402a9d78e09c21884927e3ed1837360fabd8b63f52ca23a3a

    • SSDEEP

      12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks