General

  • Target

    629d2b1f7b0eb228fa69ff53bbc61604

  • Size

    3.2MB

  • Sample

    240117-pmfedsehfk

  • MD5

    629d2b1f7b0eb228fa69ff53bbc61604

  • SHA1

    f1e441b3e569702d5061f461fc92b5c29ff0946b

  • SHA256

    b09223c97f0da631b1e35c1ca73b8de4033edbca4752a01a8a89a78b36dd306b

  • SHA512

    c87a7866d47772a17c47b539d45d6b0a056d4d70d61d306c1b5a81ea99cc85a089a57125db14f311cd7c701f3e98fe9d5c9157fdf75e6df8e8383aea17527072

  • SSDEEP

    12288:JVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ofP7fWsK5z9A+WGAW+V5SB6Ct4bnb
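Before spending analysis time on a copy of this sample, confirm that the file on disk is the one the report describes. The following is an added example (not part of the sandbox report and not tooling from its vendor) that computes the four cryptographic digests listed above and compares them against the report; only SHA-256 and SHA-512 are treated as proof of identity, since MD5 and SHA-1 are collision-prone and survive in reports mainly as lookup keys for older feeds. The SSDEEP value is left out because it needs a third-party library and a fuzzy-hash match is a similarity score, not an identity check.

```python
# Added example: verify a local file against the hashes in the report above.
# Not part of the Triage report; hashlib only, so it runs offline.
import hashlib
from typing import Dict

# Digest values copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "629d2b1f7b0eb228fa69ff53bbc61604",
    "sha1": "f1e441b3e569702d5061f461fc92b5c29ff0946b",
    "sha256": "b09223c97f0da631b1e35c1ca73b8de4033edbca4752a01a8a89a78b36dd306b",
    "sha512": (
        "c87a7866d47772a17c47b539d45d6b0a056d4d70d61d306c1b5a81ea99cc85a0"
        "89a57125db14f311cd7c701f3e98fe9d5c9157fdf75e6df8e8383aea17527072"
    ),
}


def digest_all(data: bytes) -> Dict[str, str]:
    """Compute every digest the report lists from an in-memory byte string."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str) -> Dict[str, str]:
    """Stream a file (a 3.2 MB sample fits in memory, but larger ones may not)
    through all four hashers in one pass."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: Dict[str, str],
            expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm match result. Both sides are lowercased so a hash pasted
    from a feed that prints uppercase hex still compares equal."""
    return {name: actual[name].lower() == expected[name].lower()
            for name in expected}


def is_reported_sample(data: bytes) -> bool:
    """Identity decision: require the SHA-256 and SHA-512 to match.
    MD5/SHA-1 agreement alone is not accepted as proof."""
    result = compare(digest_all(data))
    return result["sha256"] and result["sha512"]


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-sample>
    for name, ok in compare(digest_file(sys.argv[1])).items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
```

If SHA-256 mismatches while the size and MD5 agree, you are looking at a different file (or a deliberately crafted collision), not the sample this report was generated from.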

Malware Config

Targets

    • Target

      629d2b1f7b0eb228fa69ff53bbc61604

    • Size

      3.2MB

    • MD5

      629d2b1f7b0eb228fa69ff53bbc61604

    • SHA1

      f1e441b3e569702d5061f461fc92b5c29ff0946b

    • SHA256

      b09223c97f0da631b1e35c1ca73b8de4033edbca4752a01a8a89a78b36dd306b

    • SHA512

      c87a7866d47772a17c47b539d45d6b0a056d4d70d61d306c1b5a81ea99cc85a089a57125db14f311cd7c701f3e98fe9d5c9157fdf75e6df8e8383aea17527072

    • SSDEEP

      12288:JVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ofP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat and Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
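The five behavioural signatures above are the kind of thing that can be reproduced from a process trace without running the sample again. The following is an added example (not the sandbox vendor's rule engine and not derived from this report's actual trace) that implements each signature as a rule over a simplified, constructed event trace: the process names, paths, PIDs and SID in `SAMPLE_TRACE` are invented for illustration and are not indicators from the report. The ATT&CK mapping in `ATTACK_MAP` is the editor's own and covers only the rules whose technique is unambiguous.

```python
# Added example: rule logic for the behavioural signatures listed above,
# run over a constructed sandbox-style event trace. Not from the report.
import re
from typing import Dict, Iterable, List, Set

# Constructed trace of the shape a sandbox emits (one dict per event).
# Every path, name, PID and SID here is made up; none come from the report.
SAMPLE_TRACE: List[Dict[str, str]] = [
    {"type": "process_create", "pid": "1204", "parent": "explorer.exe",
     "image": r"C:\Users\analyst\Desktop\sample.exe"},
    {"type": "file_create", "pid": "1204",
     "path": r"C:\Users\analyst\AppData\Roaming\Updater\upd.exe"},
    {"type": "file_create", "pid": "1204",
     "path": r"C:\Users\analyst\AppData\Roaming\Updater\helper.dll"},
    {"type": "file_create", "pid": "1204",
     "path": r"C:\Users\analyst\AppData\Roaming\Microsoft\Windows"
             r"\Start Menu\Programs\Startup\upd.lnk"},
    {"type": "registry_set", "pid": "1204", "value": "Updater",
     "key": r"HKU\S-1-5-21-111-222-333-1001\Software\Microsoft\Windows"
            r"\CurrentVersion\Run",
     "data": r"C:\Users\analyst\AppData\Roaming\Updater\upd.exe"},
    {"type": "registry_query", "pid": "1204", "value": "EnableLUA",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"type": "process_create", "pid": "1388", "parent": "sample.exe",
     "image": r"C:\Users\analyst\AppData\Roaming\Updater\upd.exe"},
    {"type": "image_load", "pid": "1388",
     "image": r"C:\Users\analyst\AppData\Roaming\Updater\helper.dll"},
]

# Run / RunOnce keys under any hive, with or without a trailing value name
# (Sysmon-style TargetObject fields append the value name to the key path).
RUN_KEY = re.compile(r"\\currentversion\\run(once)?(\\[^\\]+)?$")
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\")

# Editor's own mapping (assumption, not the report's); only certain cases.
ATTACK_MAP: Dict[str, str] = {
    "Adds Run key to start application": "T1547.001",
    "Drops startup file": "T1547.001",
    "Checks whether UAC is enabled": "T1012",
}


def evaluate(trace: Iterable[Dict[str, str]]) -> Set[str]:
    """Return the signature names the trace triggers.

    Order matters: a file only counts as 'dropped' once a file_create for it
    has been seen, so executing or loading a path that was never created in
    this trace does not fire the dropped-EXE/DLL rules."""
    dropped: Set[str] = set()
    hits: Set[str] = set()
    for ev in trace:
        kind = ev["type"]
        if kind == "file_create":
            path = ev["path"].lower()
            dropped.add(path)
            if STARTUP_DIR.search(path):
                hits.add("Drops startup file")
        elif kind == "process_create":
            if ev["image"].lower() in dropped:
                hits.add("Executes dropped EXE")
        elif kind == "image_load":
            image = ev["image"].lower()
            if image.endswith(".dll") and image in dropped:
                hits.add("Loads dropped DLL")
        elif kind == "registry_set":
            if RUN_KEY.search(ev["key"].lower()):
                hits.add("Adds Run key to start application")
        elif kind == "registry_query":
            is_policy_key = ev["key"].lower().endswith(r"\policies\system")
            if is_policy_key and ev.get("value", "").lower() == "enablelua":
                hits.add("Checks whether UAC is enabled")
    return hits


def techniques(hits: Iterable[str]) -> List[str]:
    """Sorted, de-duplicated ATT&CK IDs for the signatures that have a mapping."""
    return sorted({ATTACK_MAP[h] for h in hits if h in ATTACK_MAP})


if __name__ == "__main__":
    fired = evaluate(SAMPLE_TRACE)
    for name in sorted(fired):
        print(f"[+] {name}  {ATTACK_MAP.get(name, '')}")
```

The "dropped" bookkeeping is what separates "Executes dropped EXE" from a plain process-creation event: the rule needs the file-create and the later execution to come from the same trace, which is why the rule keeps state across events instead of matching each event on its own.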

MITRE ATT&CK Enterprise v15

Tasks