General

  • Target

    652e1c4bc04509b112e15800705cc082

  • Size

    1.7MB

  • Sample

    240118-mr94fsada7

  • MD5

    652e1c4bc04509b112e15800705cc082

  • SHA1

    199c3809594deb59e1fda4bbf0bbee18a2e47b8e

  • SHA256

    7df4b3db22721b5bce1043829dd32f641f90df915b83bef52558ebd1259a774f

  • SHA512

    2977b465b3ffac3e5fef2ca5392a28be6b108c01eb48a17df3dddae6801a1faa714873e365eb2513130297f8b05bec6b3af5dabb4cd9bd4362deabe5ad75ab9c

  • SSDEEP

    12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks