General

  • Target

    608dbeb0c3ac07c83ebe59d6e2aa5e14

  • Size

    3.5MB

  • Sample

    240116-wybnxagcgn

  • MD5

    608dbeb0c3ac07c83ebe59d6e2aa5e14

  • SHA1

    ab2f1ca3bc3f5c13ebc151b47df4d0515cf93f2d

  • SHA256

    e1a0649e4395a86f0022b8dd283fc83cbd83f35435fc488c576b0f90fe24d832

  • SHA512

    7558ee47921e8b8c0f3d86b2e3d09709f9c5113931802556e83d96f36f86dbd89f4d62a87ad67eb2dcb27dd857d6af240a1f666e1373b3fd8992a605b2ef4306

  • SSDEEP

    12288:jVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:yfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks