General

  • Target

    6b64203a5d0b4968785bb42b23396818

  • Size

    1000KB

  • Sample

    240120-y768aagahk

  • MD5

    6b64203a5d0b4968785bb42b23396818

  • SHA1

    fd6d2a08195cfb8423b80901b97f949b566b5240

  • SHA256

    53c3c9f049896f4cd87cdf67f1cef8a68f76d5b47bb7e20b6b6ffb09e4746a9e

  • SHA512

    ddc86408f244d17fe749bfb0d09e5b524e9d33b9df77b5ce287527de919bb555d7c9ab4d0732da1f30434b687606f98d70c00b166271b8b8095b2db65f815a8e

  • SSDEEP

    24576:cQcu8pzbIPLMzjw09TI/OrRd0E1ORe39JaCHSG9:cxuW0PL4wOxNP2TG
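
The four cryptographic digests above identify the same 1000KB file, and the Target name is simply its MD5, so the report names the sample by hash. The following script, added here as an example and not part of the sandbox report, hashes a file once in chunks with all four algorithms and compares the result against the report's values. The IOC table is copied from this page; the file path, the constructed sample bytes and the function names are the example's own.

```python
import hashlib

# Digests copied from the report above (lower-case hex).
REPORT_IOCS = {
    "md5": "6b64203a5d0b4968785bb42b23396818",
    "sha1": "fd6d2a08195cfb8423b80901b97f949b566b5240",
    "sha256": "53c3c9f049896f4cd87cdf67f1cef8a68f76d5b47bb7e20b6b6ffb09e4746a9e",
    "sha512": (
        "ddc86408f244d17fe749bfb0d09e5b524e9d33b9df77b5ce287527de919bb555"
        "d7c9ab4d0732da1f30434b687606f98d70c00b166271b8b8095b2db65f815a8e"
    ),
}


def _new_hashers():
    # One hasher per algorithm named in the report; hashlib knows all four.
    return {name: hashlib.new(name) for name in REPORT_IOCS}


def hash_bytes(data):
    """Digest an in-memory buffer with every algorithm in REPORT_IOCS."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk_size=1 << 20):
    """Digest a file on disk in 1 MiB chunks, reading it only once.

    Feeding every hasher from the same read loop matters for large samples:
    four separate passes over a multi-gigabyte dump is four times the I/O.
    """
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests, iocs=REPORT_IOCS):
    """Per-algorithm comparison of computed digests against the report."""
    return {
        name: digests[name].lower() == expected.lower()
        for name, expected in iocs.items()
        if name in digests
    }


def verdict(matches):
    """Summarise a match dict.

    'match' and 'no-match' are the expected outcomes. 'inconsistent' means
    some algorithms matched and others did not, which for a genuine file can
    only be a transcription error in the IOC list (or a collision, which is
    not a realistic explanation for SHA-256/SHA-512); treat it as a data
    quality problem rather than as a partial hit.
    """
    hits = sum(1 for ok in matches.values() if ok)
    if hits == 0:
        return "no-match"
    if hits == len(matches):
        return "match"
    return "inconsistent"


if __name__ == "__main__":
    import sys

    # Usage: python check_sample.py <file>   (path is the user's own)
    target = sys.argv[1] if len(sys.argv) > 1 else "sample.bin"
    try:
        digests = hash_file(target)
    except OSError as exc:
        sys.exit(f"cannot read {target}: {exc}")
    matches = match_iocs(digests)
    for name, ok in matches.items():
        print(f"{name:7} {digests[name]}  {'MATCH' if ok else '-'}")
    print("verdict:", verdict(matches))
```

The script deliberately checks all four digests rather than stopping at the first hit: a single matching MD5 with a non-matching SHA-256 is far more likely to be a copy-paste error in the indicator list than a real collision, and the `inconsistent` verdict surfaces that before the indicator is pushed to a blocklist. SSDEEP is left out because it is a fuzzy hash that needs the separate `ssdeep` library and a similarity threshold, not an equality test.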

Targets

    • Target

      6b64203a5d0b4968785bb42b23396818

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Modifies Installed Components in the registry

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
