General

  • Target

    6e878d3bec87e1562cd7b8f267d6511c

  • Size

    1.4MB

  • Sample

    240122-dc1rssegdm

  • MD5

    6e878d3bec87e1562cd7b8f267d6511c

  • SHA1

    5babe29f33e7fb0f4d7327d937e71373645490e8

  • SHA256

    9e34e48ce49ec56aa42b037c0bb4dee15418333d5374dbb3084a0787d254f2a5

  • SHA512

    6358e14c1008bc891540650adfaf3afe328ce4306e30f5b4e9363f5609c090c13caa106322e0b64e17158d881aacd545e8d03b0e1f9a3652d0e7968539df67cd

  • SSDEEP

    12288:lVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:8fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks