General

  • Target

    66b58767a74baad1c7515631dc19f40d

  • Size

    1.4MB

  • Sample

    240119-e6w65sffa3

  • MD5

    66b58767a74baad1c7515631dc19f40d

  • SHA1

    ee1d09e46fcb9cf0a71d4a055a82fd1e7b18580e

  • SHA256

    cf999aa80ee97169297cb4ba12d751d3b0bf3195f85022adf03933d10cb43641

  • SHA512

    d625c635b29537eba27e37d403515685f1cc8730906e749c5fdc08c78bef80b5dbf89ee31c5579a581aaa3f5cb76797f30c26540d4ef8bab6e00882cea45d060

  • SSDEEP

    12288:OVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:TfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
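
The behavioural signatures above are the sandbox's own; the script below is an added example, not code from the sandbox or from the report, showing the kind of logic behind them. It walks a small constructed trace (the event schema with `kind`, `pid`, `ppid`, `path` and `key` fields, the process IDs and the file paths are all invented for this example) and raises the same five signatures: a file dropped into the Startup folder, execution of a file the sample wrote, loading of a DLL the sample wrote, a Run-key write, and a query of the EnableLUA value that governs UAC. Activity is attributed only to the sample process and its descendants so that unrelated system activity does not trigger a hit.

```python
"""Behavioural triage over a constructed sandbox trace (added example)."""
from __future__ import annotations

from dataclasses import dataclass, field

# Registry paths checked case-insensitively after normalisation.
RUN_KEYS = (
    r"\microsoft\windows\currentversion\run",
    r"\microsoft\windows\currentversion\runonce",
)
STARTUP_DIR = "\\start menu\\programs\\startup\\"
UAC_VALUE = r"\policies\system\enablelua"


@dataclass
class Findings:
    tracked: set[int] = field(default_factory=set)   # sample pid plus descendants
    dropped: set[str] = field(default_factory=set)   # files written by that process tree
    hits: list[str] = field(default_factory=list)    # signature names, first occurrence order

    def hit(self, name: str) -> None:
        if name not in self.hits:
            self.hits.append(name)


def _norm(p: str) -> str:
    return p.strip().lower().replace("/", "\\")


def analyse(events: list[dict], sample_pid: int) -> Findings:
    f = Findings(tracked={sample_pid})
    for ev in events:
        pid, kind = ev["pid"], ev["kind"]
        if kind == "process_create":
            image = _norm(ev["path"])
            # Children of tracked processes join the tree; so does any process whose
            # image is a file the tree wrote earlier (dropped EXE started indirectly).
            if ev.get("ppid") in f.tracked or image in f.dropped:
                f.tracked.add(pid)
                if image in f.dropped:
                    f.hit("Executes dropped EXE")
            continue
        if pid not in f.tracked:
            continue  # not attributable to the sample
        if kind == "file_write":
            path = _norm(ev["path"])
            f.dropped.add(path)
            if STARTUP_DIR in path:
                f.hit("Drops startup file")
        elif kind == "image_load":
            if _norm(ev["path"]) in f.dropped:
                f.hit("Loads dropped DLL")
        elif kind == "reg_set":
            if any(k in _norm(ev["key"]) for k in RUN_KEYS):
                f.hit("Adds Run key to start application")
        elif kind == "reg_query":
            if _norm(ev["key"]).endswith(UAC_VALUE):
                f.hit("Checks whether UAC is enabled")
    return f


# Constructed trace: pid 100 is the detonated sample, pid 999 an unrelated process.
SAMPLE_TRACE = [
    {"kind": "reg_query", "pid": 100,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"kind": "file_write", "pid": 100, "path": r"C:\Users\user\AppData\Roaming\svch0st.exe"},
    {"kind": "file_write", "pid": 100, "path": r"C:\Users\user\AppData\Roaming\helper.dll"},
    {"kind": "file_write", "pid": 100,
     "path": r"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\upd.lnk"},
    {"kind": "reg_set", "pid": 100,
     "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"kind": "process_create", "pid": 200, "ppid": 100,
     "path": r"C:\Users\user\AppData\Roaming\svch0st.exe"},
    {"kind": "image_load", "pid": 200, "path": r"C:\Users\user\AppData\Roaming\helper.dll"},
    {"kind": "reg_set", "pid": 999,
     "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive"},
]


if __name__ == "__main__":
    for name in analyse(SAMPLE_TRACE, sample_pid=100).hits:
        print("•", name)
```

The process-tree attribution is the part worth keeping: a Run-key write by an unrelated process (pid 999 here) is normal system noise, and only writes from the sample's own tree should count against it.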
