General

  • Target

    6e701a6565714d75f57e4ac97c8b92cc

  • Size

    1.5MB

  • Sample

    240122-ckq2wseahk

  • MD5

    6e701a6565714d75f57e4ac97c8b92cc

  • SHA1

    25de2e09d2506a090f949c1091c99e8209029564

  • SHA256

    bd76a02a02d4a0c8c7837fe4c4985ace8f6249f11e0a71ed9ffa55e8f4639be6

  • SHA512

    b38cdaa350fc05950787cfe6fef67253e63f4c4d037f9708cd7f74845fb151a20693d20ce0b57ae6cc47e3d6a8a9e22384a5941a3bb2fe26c6466b296d122882

  • SSDEEP

    12288:bVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ177:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      6e701a6565714d75f57e4ac97c8b92cc

    • Size

      1.5MB

    • MD5

      6e701a6565714d75f57e4ac97c8b92cc

    • SHA1

      25de2e09d2506a090f949c1091c99e8209029564

    • SHA256

      bd76a02a02d4a0c8c7837fe4c4985ace8f6249f11e0a71ed9ffa55e8f4639be6

    • SHA512

      b38cdaa350fc05950787cfe6fef67253e63f4c4d037f9708cd7f74845fb151a20693d20ce0b57ae6cc47e3d6a8a9e22384a5941a3bb2fe26c6466b296d122882

    • SSDEEP

      12288:bVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ177:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks