General

  • Target

    6b53deb79d5fb69b096922195df55b2d

  • Size

    1.9MB

  • Sample

    240120-ypxwwsgbb6

  • MD5

    6b53deb79d5fb69b096922195df55b2d

  • SHA1

    87dc146e5644c8cb19cfc413a5e09c94d6bc8935

  • SHA256

    3d0b692633b057a2b142656465598db8387395fd9a39752639b4667ae4479da8

  • SHA512

    2178739a2db8c272c7ed0bb1b3a43c72bdd7bc3bdda8fbc560bb4cccf656ba200c7a341b7dc347e8b26fd878732ea0d6ba2feb774328cf1ed7bdc9bf94f67a83

  • SSDEEP

    12288:4VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:tfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks