General

  • Target

    686ead54f11ad7a199730fa54bd87917

  • Size

    3.5MB

  • Sample

    240119-x2fbyacbbr

  • MD5

    686ead54f11ad7a199730fa54bd87917

  • SHA1

    c45300b31ef01134e50004809d5e945c10ef6f21

  • SHA256

    157dba446a7b409cd3c0b7b59b764fde1820a4c8c7431a2ea28e841ec9ea5056

  • SHA512

    46cb02ef280e20b25201edb1d7fb0ab7752ea573c492e23c49421a931a60bd8ab700cd5fe851bbf71232cbe3627ac903a6133aaccd53111b8f8cc4d06caf2e39

  • SSDEEP

    12288:2VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:rfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      686ead54f11ad7a199730fa54bd87917

    • Size

      3.5MB

    • MD5

      686ead54f11ad7a199730fa54bd87917

    • SHA1

      c45300b31ef01134e50004809d5e945c10ef6f21

    • SHA256

      157dba446a7b409cd3c0b7b59b764fde1820a4c8c7431a2ea28e841ec9ea5056

    • SHA512

      46cb02ef280e20b25201edb1d7fb0ab7752ea573c492e23c49421a931a60bd8ab700cd5fe851bbf71232cbe3627ac903a6133aaccd53111b8f8cc4d06caf2e39

    • SSDEEP

      12288:2VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:rfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks