General

  • Target

    6516f3b21fdb886d0cf758092a7e1959

  • Size

    2.2MB

  • Sample

    240118-lvldtshfg5

  • MD5

    6516f3b21fdb886d0cf758092a7e1959

  • SHA1

    d1369a22027a86216003f328726236b404580775

  • SHA256

    10ce522f215552f704fd324bc579beddc2b7dd82b41efe20e558ef441b829dd3

  • SHA512

    18ef2f7ffec11a78082856961b246c93aaf8e8a6551903a46cada36a275438598ae18903d2718023987e2380219179be0f36c0d27e8ae87618ce55fca399f542

  • SSDEEP

    12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1L:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      6516f3b21fdb886d0cf758092a7e1959


    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks