General

  • Target

    5e62ff260e54061981cf7a9e5210c1e6

  • Size

    1.8MB

  • Sample

    240115-3m72asaaa4

  • MD5

    5e62ff260e54061981cf7a9e5210c1e6

  • SHA1

    e6ad2195e4153a4d490394f13c07486b0227040f

  • SHA256

    7f3de25031b25c99cb65054f50d4e4a33a2c6f324b28cf40ff6d551a8ce37618

  • SHA512

    94248a39a9b56bd0cb1113434c048cbd7036251fcec70111abfff2f2054277d27fde33610bb252fa5717ee0e29ec03acde096a31bc24019d24f8ccb956902431

  • SSDEEP

    12288:/VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:2fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Target

      5e62ff260e54061981cf7a9e5210c1e6

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
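
    The four generic behaviours above (executes a dropped EXE, loads a dropped DLL, adds a Run key, reads the UAC setting) can be re-derived from a process-scoped event stream. The following is an added example, not the sandbox's own rule engine: the event dictionary shape, the process IDs and the file and registry paths are constructed for illustration. It tracks the sample's process tree, remembers which files the sample wrote, and raises the same four signature names when a later event from that tree executes or loads one of those files, writes under a Run/RunOnce key, or reads EnableLUA. The "Dridex Shellcode" signature is not modelled, since it needs a memory scan of explorer.exe rather than an event match.

```python
"""Re-derive the behavioural signatures in the report from sandbox events.
Added illustration: the event schema, PIDs and paths below are constructed
for this example and are not the sandbox's own format or data."""
import re

# A value written directly under ...\CurrentVersion\Run or \RunOnce
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$", re.IGNORECASE
)
# EnableLUA is the value a "is UAC enabled?" check reads
UAC_VALUE_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA$",
    re.IGNORECASE,
)


def analyze(events, root_pid):
    """Return the set of signature names triggered by the process tree rooted
    at root_pid. Events from unrelated processes are ignored so that, e.g., a
    legitimate Run-key write by another process does not count."""
    sample_pids = {root_pid}
    dropped = set()  # lower-cased paths of files the sample wrote
    hits = set()
    for ev in events:
        if ev["pid"] not in sample_pids:
            continue
        kind = ev["type"]
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "process_create":
            sample_pids.add(ev["child_pid"])  # child joins the sample's tree
            if ev["image"].lower() in dropped:
                hits.add("Executes dropped EXE")
        elif kind == "image_load":
            path = ev["path"].lower()
            if path in dropped and path.endswith(".dll"):
                hits.add("Loads dropped DLL")
        elif kind == "reg_set" and RUN_KEY_RE.search(ev["path"]):
            hits.add("Adds Run key to start application")
        elif kind == "reg_query" and UAC_VALUE_RE.search(ev["path"]):
            hits.add("Checks whether UAC is enabled")
    return hits


# Constructed event stream (hypothetical paths, not taken from the sample).
ROOT_PID = 1000
DROP_DIR = r"C:\Users\user\AppData\Roaming\Xqzd"
SAMPLE_EVENTS = [
    {"type": "file_write", "pid": 1000, "path": DROP_DIR + r"\loader.exe"},
    {"type": "file_write", "pid": 1000, "path": DROP_DIR + r"\helper.dll"},
    {"type": "reg_query", "pid": 1000,
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"type": "process_create", "pid": 1000, "child_pid": 1024,
     "image": DROP_DIR + r"\loader.exe"},
    {"type": "image_load", "pid": 1024, "path": DROP_DIR + r"\helper.dll"},
    {"type": "reg_set", "pid": 1024,
     "path": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Xqzd",
     "data": DROP_DIR + r"\loader.exe"},
    # Unrelated process touching a Run key: must not be attributed to the sample
    {"type": "reg_set", "pid": 640,
     "path": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive",
     "data": r"C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe"},
]

if __name__ == "__main__":
    for name in sorted(analyze(SAMPLE_EVENTS, ROOT_PID)):
        print("  •", name)
```

    Scoping matches to the sample's process tree is what keeps the last event from producing a false "Adds Run key" hit; a real sandbox also has to follow injection targets (here, explorer.exe) into that tree, which the PID-based tracking above does not do on its own.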
