General

  • Target

    605ce935be49961234c42d733123c29a

  • Size

    764KB

  • Sample

    240116-t6h2vaehfm

  • MD5

    605ce935be49961234c42d733123c29a

  • SHA1

    37b44a064c2bfd6974ef866d1a875e06e4a77774

  • SHA256

    0ed1a2100465042ad24cf6e257975add8949612ac5fe0a5349b03f6924a55e81

  • SHA512

    bdb2c851f739889ae6f9d00643b74f617d431749df639511d0ffbe35b3fc50be566bcd39f29f889062e9b01980d4b71e24101fbf5ab48050e127cf9fae18a377

  • SSDEEP

    12288:+6BBWGJW6eC85Df97+yXUj7SncCxj8iHGo59S1WQSCtEdFO7YKJf6:+6BQBjlc728jo7S1bl6FbK

Malware Config

Targets

    • Target

      605ce935be49961234c42d733123c29a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks