General

  • Target

    661942dec5f555ea16390ab0b8805570

  • Size

    848KB

  • Sample

    240118-1h6lkahgbn

  • MD5

    661942dec5f555ea16390ab0b8805570

  • SHA1

    1c0cf8507b8ab448424fe88f164143291e17f4d8

  • SHA256

    9fc724df4f2ae0f2d2b3a04540cf737782e0b77e296a03ec25418f3f36f05a6b

  • SHA512

    09353633455251bb230592ca21328a63cee419b11b2d28ff9d2ad0da6b3b55d6a4c9614e3f99502001b6444e0e19ed8d0dcecd7a079bf5cd30f148f455be4606

  • SSDEEP

    12288:wkbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/R:wkbHkWfzZ5adwLNGeStHntqN7v

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks