General

  • Target

    61f2627485987b4054ff97050f0dfe2b

  • Size

    964KB

  • Sample

    240117-g3a6lsaack

  • MD5

    61f2627485987b4054ff97050f0dfe2b

  • SHA1

    8ba24c683a74e29248653e465d46c5b244adb246

  • SHA256

    771e168408b17e5f7ae16bd3a878820d0e0a844f25d549507b6d2b9c8ed0c9e2

  • SHA512

    4caa9fd59cc8a9cca7edf9e9174ecde4b6cd5c235ab0d141c9ed7c933850526a3c6a443c5fee0a505154d47780badab326da15a86f65b49758c671ac292c1e0c

  • SSDEEP

    12288:3tCtvNv+h26xiWZu8xDPtgPuSYAuXIPY2wKg7oGviTVp7OC0aO1/ixB:3tChNv+ceiWjDVgyAurCg7osJ1

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15