General

  • Target

    653dd6e734d7671d6e8e210367c15700

  • Size

    2.0MB

  • Sample

    240118-nc76zsagf8

  • MD5

    653dd6e734d7671d6e8e210367c15700

  • SHA1

    a74251f4d0568cf723806849f4d07f174bec7b70

  • SHA256

    96890fb129977f5194cf69cb7dabc2532b59333b8a224e81cbb881cf629cd3aa

  • SHA512

    6c97c951e1e1158e5b2ad363aed4e4966fbcd66033d56bde4773a1e26ed5130af110cb6c8228d49d38c7b58ddf324e207e296fe2e2e3e5064d160e17a044809d

  • SSDEEP

    12288:VVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ18I:MfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks