General

  • Target

    5fb1dc0e0f42d1c1bddc4a565f5a6d9a

  • Size

    1004KB

  • Sample

    240116-mrnv8aaabn

  • MD5

    5fb1dc0e0f42d1c1bddc4a565f5a6d9a

  • SHA1

    73578072f8d0a5de68b42a73ca03e8ddfbc83307

  • SHA256

    a4b79aaad3bfb2106d78fcf6e7c03c3a3babd76c3adf68c1a41aacbd80260ba2

  • SHA512

    c8f45ec033d79e0a69f019389359f50286191493c3f49b07b691c81e5d496d708a1fe93d1339ddc8074edb7692f2f0a068ca56c19f1e421b4b108e42407f3925

  • SSDEEP

    12288:k6BBWGJW6eC85Df97+yXUj7SncCxj8iHGo59S1WQSCtEdFO7YKJf6:k6BQBjlc728jo7S1bl6FbK

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks