General

  • Target

    6fc1300c924c848e73451dec1a26af99

  • Size

    1.5MB

  • Sample

    240122-slnk6ahegj

  • MD5

    6fc1300c924c848e73451dec1a26af99

  • SHA1

    356d8a25843e120f2e5974fbd4c2cb992dc4b881

  • SHA256

    b18bf10683e2178f9b1f99b4ced10b08880b29eac55ba5d252c34e3b0d70833b

  • SHA512

    e5ae18253c6d93810db46d694d798097c1d5706df51889f03faeaa8a12d9de9691c71914f4fc6589c863e4269ad69ec2b041d77a37ea5efe5aaf196f5914b3b2

  • SSDEEP

    12288:LVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:KfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks