General

  • Target

    6d744bbf016772634f87aa5fdf2fc9c5

  • Size

    1.4MB

  • Sample

    240121-tqc6naebck

  • MD5

    6d744bbf016772634f87aa5fdf2fc9c5

  • SHA1

    e1b3f458533b0b13502b8fdf2d07d05eb228b467

  • SHA256

    d0c33dbcd2bc26465a2cdf232d5cfea8a77135f9572037c8a0fbe21ae5cd0c2c

  • SHA512

    a7f14f70607bc4b4169427c833c0bb6b7aac746c13f7b990314d01086d4a2d0df2b57b8826afd2812543032484f37b737d652449784a12e8e9852782d5419410

  • SSDEEP

    12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      6d744bbf016772634f87aa5fdf2fc9c5

    • Size

      1.4MB

    • MD5

      6d744bbf016772634f87aa5fdf2fc9c5

    • SHA1

      e1b3f458533b0b13502b8fdf2d07d05eb228b467

    • SHA256

      d0c33dbcd2bc26465a2cdf232d5cfea8a77135f9572037c8a0fbe21ae5cd0c2c

    • SHA512

      a7f14f70607bc4b4169427c833c0bb6b7aac746c13f7b990314d01086d4a2d0df2b57b8826afd2812543032484f37b737d652449784a12e8e9852782d5419410

    • SSDEEP

      12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks