General

  • Target

    70b4e740a07d198ec5ac903eaed6ff43

  • Size

    2.0MB

  • Sample

    240123-18k3jsbdh9

  • MD5

    70b4e740a07d198ec5ac903eaed6ff43

  • SHA1

    7f30bccf96428c20875a437c2995388987fa2e84

  • SHA256

    718a533c6fd5cccfb5c4afd72ad1d850327a0b4e6a37aed68679e7bb4afce5ce

  • SHA512

    c0e2e1771108c56358814da4618a4d6c5fdfcb3e8ad536e6ecbb1c12afb47819f7a3c5770b4033e73011dd117249474fb6ac44bb017c041b2f5c289ebd74834e

  • SSDEEP

    12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1+o6:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      70b4e740a07d198ec5ac903eaed6ff43

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks