General

  • Target

    6e98953bf2fdd7c3a404f182f3070944

  • Size

    1.1MB

  • Sample

    240122-dxwzcafcdr

  • MD5

    6e98953bf2fdd7c3a404f182f3070944

  • SHA1

    e547a54cfbc50fcfc2bf78c348984e7b6b1183ce

  • SHA256

    995bc9b977d5419139f29029dd2d9df2ce41f3a0496ec39a37946620a20d877a

  • SHA512

    e50c9ec714413a89c14492af9d1dffa90e20be98411b44c6df78d0b751ade15cef5476aae6b4d6f3b143146fddc0345366dbda75593926d97e05b23ec9a4521b

  • SSDEEP

    12288:JVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ofP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      6e98953bf2fdd7c3a404f182f3070944

    • Size

      1.1MB

    • MD5

      6e98953bf2fdd7c3a404f182f3070944

    • SHA1

      e547a54cfbc50fcfc2bf78c348984e7b6b1183ce

    • SHA256

      995bc9b977d5419139f29029dd2d9df2ce41f3a0496ec39a37946620a20d877a

    • SHA512

      e50c9ec714413a89c14492af9d1dffa90e20be98411b44c6df78d0b751ade15cef5476aae6b4d6f3b143146fddc0345366dbda75593926d97e05b23ec9a4521b

    • SSDEEP

      12288:JVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ofP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks