General

  • Target

    5f11c1c1e255b6cf3173bae3a0b44338

  • Size

    3.2MB

  • Sample

    240116-f4ls3aegg7

  • MD5

    5f11c1c1e255b6cf3173bae3a0b44338

  • SHA1

    9e910aa56d063d3d53b94d5f720f7992f794e19e

  • SHA256

    c234ca0150756b9cd5ebba1468f4f4ff687469493d39112424ab1220fc8fc12b

  • SHA512

    daa5d7182fb4e770386ff716a065989599ed6f75e0a24fc8b48700768fcb5de67a0cc8637ab8c938ba1fa30432d8e07bec8db67fdc28702b42460e5d9373e9a5

  • SSDEEP

    12288:+VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:jfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks