General

  • Target

    6913c976717f771261d42365e9ed8940

  • Size

    2.5MB

  • Sample

    240120-bcmttsggaj

  • MD5

    6913c976717f771261d42365e9ed8940

  • SHA1

    de6623f60ec96e264ee873aaf2ceeacf81313405

  • SHA256

    f3ca4c539c12c3d56e02f61e3aa2def83515305b89bcbe17274ac895313ad46a

  • SHA512

    68ee9ec13b10596eb96f2fb0a0b66a93149c49ac922aff3830ff81234af5f6b8c4326aa188c3f26a43809d10f2cb40da40e7d01957459526b858ce5a21b3a934

  • SSDEEP

    24576:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnbcs+:DDW/e+WG0Vo6CtSn

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
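
The digests above and the "Adds Run key to start application" behaviour are what a responder actually pivots on. The following Python is an added example, not part of the sandbox report: it compares a file against every listed digest (so an MD5-only agreement is reported as partial rather than as a hit) and flags Run-key persistence in Sysmon Event ID 13 telemetry. The Sysmon field names (EventID, Image, TargetObject, Details) are real; the SIDs, paths, process names and the events themselves are constructed for illustration.

```python
"""Triage helpers for the report above (added example, not the report's own code)."""
import hashlib
import re

# Digests copied verbatim from the report's General section.
IOC = {
    "md5": "6913c976717f771261d42365e9ed8940",
    "sha1": "de6623f60ec96e264ee873aaf2ceeacf81313405",
    "sha256": "f3ca4c539c12c3d56e02f61e3aa2def83515305b89bcbe17274ac895313ad46a",
    "sha512": "68ee9ec13b10596eb96f2fb0a0b66a93149c49ac922aff3830ff81234af5f6b8c"
              "4326aa188c3f26a43809d10f2cb40da40e7d01957459526b858ce5a21b3a934",
}


def digests(data: bytes) -> dict:
    """Return the same four digests the report lists, for an in-memory file."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC}


def match_ioc(data: bytes) -> dict:
    """Compare each digest of `data` against the report.

    Returns {"match": bool, "agree": [...], "disagree": [...]} so a partial
    agreement (e.g. MD5 only) is visible instead of silently counted as a hit.
    """
    got = digests(data)
    agree = sorted(n for n in IOC if got[n] == IOC[n])
    disagree = sorted(n for n in IOC if got[n] != IOC[n])
    return {"match": not disagree, "agree": agree, "disagree": disagree}


# Sysmon Event ID 13 (RegistryEvent: Value Set). A TargetObject under the
# per-user (HKU) or machine (HKLM) Run/RunOnce key is the classic autostart.
RUN_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE
)
# Persistence pointing at a user-writable location is far more suspicious than
# a vendor tray app under Program Files; these path fragments are an assumption
# about what "user-writable" looks like on a default install.
SUSPICIOUS_PATH = re.compile(
    r"\\(AppData|Temp|Users\\Public|ProgramData)\\", re.IGNORECASE
)


def flag_run_key_persistence(events):
    """Return events that set a Run/RunOnce value whose data points at a user-writable path."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        if not RUN_KEY.search(ev.get("TargetObject", "")):
            continue
        if SUSPICIOUS_PATH.search(ev.get("Details", "")):
            hits.append(ev)
    return hits


# Constructed telemetry (not real logs). The third event mimics what the
# report's "Adds Run key to start application" signature fires on, written by
# explorer.exe, which matches the injected-into-Explorer shellcode described
# above; the first two are benign noise that must not be flagged.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": "C:\\Windows\\explorer.exe",
     "TargetObject": "HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows"
                     "\\CurrentVersion\\Explorer\\Advanced\\Hidden",
     "Details": "DWORD (0x00000001)"},
    {"EventID": 13, "Image": "C:\\Program Files\\Vendor\\setup.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorTray",
     "Details": "\"C:\\Program Files\\Vendor\\tray.exe\""},
    {"EventID": 13, "Image": "C:\\Windows\\explorer.exe",
     "TargetObject": "HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows"
                     "\\CurrentVersion\\Run\\Updater",
     "Details": "rundll32.exe C:\\Users\\victim\\AppData\\Roaming\\Updater\\upd.dll,Start"},
]

if __name__ == "__main__":
    print(match_ioc(b"not the sample"))
    for hit in flag_run_key_persistence(SAMPLE_EVENTS):
        print("Run-key persistence:", hit["Image"], "->", hit["TargetObject"])
```

The "Checks whether UAC is enabled" behaviour is a read of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA; Sysmon does not log registry reads, so that behaviour is visible in a sandbox API trace but not in this kind of endpoint telemetry, and the detection above deliberately does not claim to cover it.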

MITRE ATT&CK Enterprise v15

Tasks