General

  • Target

    70d941d4f0bc1d1f47611a7b8ce5c05d

  • Size

    2.6MB

  • Sample

    240123-3j4jpscfal

  • MD5

    70d941d4f0bc1d1f47611a7b8ce5c05d

  • SHA1

    b66d763099541372aa30d4ccd5922b29c991ef3a

  • SHA256

    6f1a36b2dc535c3a9a2e9611c3261d7d5970599318c0811e556b9ee731865de2

  • SHA512

    5aaf75580bec3c99f034e60e8eac36b5a0f9d0921b206b17d93fd6920d0f6a3add25254e51c0605f4e8ca36e5b1573a2c7a89ae7b7c21c74b67c35b1d91a260f

  • SSDEEP

    12288:LVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:KfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
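Before doing anything with a sample pulled from the sandbox, confirm it is the same file the report describes. The following is an added example (editor's code, not part of the report or of the sandbox's tooling) that computes MD5, SHA1, SHA256 and SHA512 in one pass and lists which digests disagree with the values above. SSDEEP is deliberately left out: it is not in the standard library and needs the ssdeep/ppdeep package. The report's digests are copied verbatim; the `abc` input in the test is a constructed stand-in, since the sample itself is not on this page.

```python
import hashlib
from typing import Dict, Iterable, List

# Digests exactly as listed in the report's General section.
REPORTED_HASHES: Dict[str, str] = {
    "md5": "70d941d4f0bc1d1f47611a7b8ce5c05d",
    "sha1": "b66d763099541372aa30d4ccd5922b29c991ef3a",
    "sha256": "6f1a36b2dc535c3a9a2e9611c3261d7d5970599318c0811e556b9ee731865de2",
    "sha512": "5aaf75580bec3c99f034e60e8eac36b5a0f9d0921b206b17d93fd6920d0f6a3a"
              "dd25254e51c0605f4e8ca36e5b1573a2c7a89ae7b7c21c74b67c35b1d91a260f",
}


def multi_hash(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four digests so a large sample is read only once."""
    hashers = {name: hashlib.new(name) for name in REPORTED_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file from disk in 1 MiB blocks; the 2.6MB sample would take three reads."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return multi_hash(chunks())


def mismatches(computed: Dict[str, str], reported: Dict[str, str]) -> List[str]:
    """Algorithms whose computed digest differs from the reported one (hex compared case-insensitively)."""
    return [name for name, digest in reported.items()
            if computed.get(name, "").lower() != digest.lower()]


def verify_sample(path: str, reported: Dict[str, str] = REPORTED_HASHES) -> List[str]:
    """Empty list means the file on disk is the sample this report describes."""
    return mismatches(hash_file(path), reported)


if __name__ == "__main__":
    import sys
    bad = verify_sample(sys.argv[1])
    print("OK: all digests match the report" if not bad else "MISMATCH: " + ", ".join(bad))
```

A single mismatching algorithm is enough to reject the file; the report's "Target" field is the MD5, so it alone is not sufficient, and the SHA256 is the value to quote when sharing the sample with others.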

Malware Config

Targets

    • Target

      70d941d4f0bc1d1f47611a7b8ce5c05d

    • Size

      2.6MB

    • MD5

      70d941d4f0bc1d1f47611a7b8ce5c05d

    • SHA1

      b66d763099541372aa30d4ccd5922b29c991ef3a

    • SHA256

      6f1a36b2dc535c3a9a2e9611c3261d7d5970599318c0811e556b9ee731865de2

    • SHA512

      5aaf75580bec3c99f034e60e8eac36b5a0f9d0921b206b17d93fd6920d0f6a3add25254e51c0605f4e8ca36e5b1573a2c7a89ae7b7c21c74b67c35b1d91a260f

    • SSDEEP

      12288:LVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:KfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
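The four behavioural signatures above are all order-dependent judgements over the sandbox's event trace: a file counts as "dropped" only if the monitored process wrote it earlier in the same run, a Run key write is persistence only if it lands in the Run/RunOnce key itself, and the UAC check is a read of the EnableLUA value under the System policy key. The following is an added example (editor's code, not the sandbox's own detection engine) that replays a constructed, simplified Sysmon-style trace and reports which of these signatures fire. Every path and value name in SAMPLE_EVENTS is a placeholder, not an indicator from this sample, and the ATT&CK technique IDs are the editor's mapping, since the report page lists none.

```python
import re
from typing import Dict, Iterable, List, Set

# Constructed event trace (hypothetical). The report shows only signature names,
# so these events are invented to exercise the logic; the paths are not IOCs.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"type": "process_create", "pid": "1001",
     "image": r"C:\Users\Admin\AppData\Local\Temp\sample.exe"},
    {"type": "registry_read", "pid": "1001",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "EnableLUA"},
    {"type": "file_write", "pid": "1001",
     "path": r"C:\Users\Admin\AppData\Roaming\Dropped\payload.exe"},
    {"type": "file_write", "pid": "1001",
     "path": r"C:\Users\Admin\AppData\Roaming\Dropped\helper.dll"},
    {"type": "registry_write", "pid": "1001",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Dropped", "data": r"C:\Users\Admin\AppData\Roaming\Dropped\payload.exe"},
    {"type": "process_create", "pid": "1002", "parent": "1001",
     "image": r"C:\Users\Admin\AppData\Roaming\Dropped\payload.exe"},
    {"type": "image_load", "pid": "1002",
     "image": r"C:\Users\Admin\AppData\Roaming\Dropped\helper.dll"},
]

# Autostart keys under HKCU or HKLM. The end anchor stops sub-keys such as
# ...\Run\OptionalComponents from being mistaken for a persistence entry.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)$", re.IGNORECASE)
# EnableLUA is stored under the System policy key; reading it tells a sample whether UAC is on.
UAC_POLICY_KEY_RE = re.compile(r"\\Policies\\System$", re.IGNORECASE)

# Editor's ATT&CK Enterprise mapping for the two signatures with an unambiguous technique.
ATTACK_MAPPING: Dict[str, str] = {
    "Adds Run key to start application": "T1547.001",  # Registry Run Keys / Startup Folder
    "Checks whether UAC is enabled": "T1012",          # Query Registry
}


def evaluate_signatures(events: Iterable[Dict[str, str]]) -> Set[str]:
    """Replay the trace in order and return the signature names that fire.

    'Dropped' means written by a monitored process earlier in this trace, so the
    execute/load checks depend on event order, as they do in a sandbox."""
    fired: Set[str] = set()
    dropped: Set[str] = set()  # lower-cased paths written during the run
    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "process_create":
            if ev["image"].lower() in dropped:
                fired.add("Executes dropped EXE")
        elif kind == "image_load":
            image = ev["image"].lower()
            if image in dropped and image.endswith(".dll"):
                fired.add("Loads dropped DLL")
        elif kind == "registry_write":
            if RUN_KEY_RE.search(ev["key"]):
                fired.add("Adds Run key to start application")
        elif kind == "registry_read":
            if UAC_POLICY_KEY_RE.search(ev["key"]) and ev.get("value", "").lower() == "enablelua":
                fired.add("Checks whether UAC is enabled")
    return fired


def attack_techniques(fired: Set[str]) -> Set[str]:
    """Technique IDs for the fired signatures that have a mapping."""
    return {ATTACK_MAPPING[name] for name in fired if name in ATTACK_MAPPING}


if __name__ == "__main__":
    hits = evaluate_signatures(SAMPLE_EVENTS)
    for name in sorted(hits):
        print(f"{name}  {ATTACK_MAPPING.get(name, '')}")
```

The Dridex and "Dridex Shellcode" signatures are not reproduced here: they depend on payload fingerprinting and on memory scanning of explorer.exe, which a registry/file/process trace cannot express. The same replay logic, pointed at a real Sysmon export instead of the constructed list, is a reasonable first cut at a host-side detection for the behaviours this report observed.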

MITRE ATT&CK Enterprise v15

Tasks