General

  • Target

    6d6d6e2d25e5004f0487405fdb25a600

  • Size

    1.4MB

  • Sample

    240121-tg9hhaeaap

  • MD5

    6d6d6e2d25e5004f0487405fdb25a600

  • SHA1

    ef4b1bba3fc0114114c00180262f1404a88e66b0

  • SHA256

    6c28f1dd1c3bbf1187846af408ba671bf0fb28984469e666b284d4f4b1c3a823

  • SHA512

    8a8d615f34930e4eb5d717414e3443771caff2416815ed529ba4a0a2ec7fb5fe6637198d6482626dcd3f0edd428776a637c8608cc00fcbf35eff55812bd24608

  • SSDEEP

    12288:FVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:cfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
