General

  • Target

    70d94e86e118a27adfe3f75b8db4134c

  • Size

    2.1MB

  • Sample

    240123-3j77wscgg3

  • MD5

    70d94e86e118a27adfe3f75b8db4134c

  • SHA1

    252169f8b3b9f7e3187e1c25ee2e7561de450968

  • SHA256

    814d959ae1800dc9c90f630f8f204a2f36fca00c3c4fe9c460b399f957e499f6

  • SHA512

    815381ef381bcc883564b00866ce22a22e910d948885d107c3a679c87ddd99dc8c23723ac825ec8594ba67233622d79599ad9207d9dccc3476163703c44b3052

  • SSDEEP

    12288:BVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1Web:wfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
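
The hashes above identify the sample; before analysing a file obtained elsewhere, confirm it is actually this sample. The following script is an added example, not part of the report or of the sandbox that produced it. It streams a file once through the four listed digests and reports any mismatch against the report's values. The filename on the command line is a placeholder; SSDEEP is deliberately left out because fuzzy hashing needs the non-standard ssdeep library and is a similarity measure, not an identity check.

```python
import hashlib
import sys

# Hash values copied from the report above. Keys are hashlib algorithm names.
REPORT_HASHES = {
    "md5": "70d94e86e118a27adfe3f75b8db4134c",
    "sha1": "252169f8b3b9f7e3187e1c25ee2e7561de450968",
    "sha256": "814d959ae1800dc9c90f630f8f204a2f36fca00c3c4fe9c460b399f957e499f6",
    "sha512": "815381ef381bcc883564b00866ce22a22e910d948885d107c3a679c87ddd99dc"
              "8c23723ac825ec8594ba67233622d79599ad9207d9dccc3476163703c44b3052",
}

# Report also lists the size; a cheap first check before hashing.
REPORT_SIZE_BYTES_APPROX = int(2.1 * 1024 * 1024)


def hash_chunks(chunks, algorithms=("md5", "sha1", "sha256", "sha512")):
    """Feed an iterable of byte chunks through every digest in a single pass.

    Returns {algorithm: hex digest}. Works for any chunking of the same bytes.
    """
    digests = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for d in digests.values():
            d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def hash_file(path, chunk_size=1 << 20):
    """Hash a file on disk without reading it fully into memory."""
    with open(path, "rb") as fh:
        return hash_chunks(iter(lambda: fh.read(chunk_size), b""))


def verify(actual, expected):
    """Compare computed digests with the report's.

    Returns {algorithm: (expected, actual)} for every mismatch; an empty dict
    means the file matches on every algorithm the report lists.
    """
    mismatches = {}
    for name, want in expected.items():
        got = actual.get(name)
        if got != want.lower():
            mismatches[name] = (want.lower(), got)
    return mismatches


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-local-copy>   (path is a placeholder)
    if len(sys.argv) != 2:
        sys.exit("usage: verify_sample.py <file>")
    bad = verify(hash_file(sys.argv[1]), REPORT_HASHES)
    if bad:
        for name, (want, got) in bad.items():
            print(f"{name}: expected {want}, got {got}")
        sys.exit("file does NOT match the report")
    print("file matches all hashes in the report")
```

A mismatch on SHA256 alone with MD5 matching would be remarkable; in practice either all four match or the file is simply a different one, so treat any mismatch as "not this sample" rather than hunting for a collision.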

Malware Config

Targets

    • Target

      70d94e86e118a27adfe3f75b8db4134c

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
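
The four behavioural signatures above are generic, so it helps to see what kind of sandbox event each one fires on. The following is an added example, not the sandbox's own signature logic and not data from this report: it runs four small rules over a constructed, hypothetical event stream (file writes, process creation, image loads and registry operations, with invented paths). "Dropped" means a path the sample wrote earlier in the same run; the Run-key rule matches the HKCU/HKLM Run and RunOnce keys (including Wow6432Node); the UAC rule matches a read of the EnableLUA value under Policies\System. Which exact operations the real signatures key on is an assumption here.

```python
import re

# Constructed sandbox-style event stream (hypothetical; not taken from the report).
# Events are in chronological order; paths and PIDs are invented.
EVENTS = [
    {"pid": 1204, "op": "file_write",     "path": r"C:\Users\Admin\AppData\Local\Temp\setup.exe"},
    {"pid": 1204, "op": "file_write",     "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 1204, "op": "process_create", "path": r"C:\Users\Admin\AppData\Local\Temp\setup.exe"},
    {"pid": 2088, "op": "image_load",     "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 2088, "op": "reg_query",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"pid": 2088, "op": "reg_set",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "data": r"C:\Users\Admin\AppData\Local\Temp\setup.exe"},
    # Benign noise that must not fire any rule:
    {"pid": 2088, "op": "reg_set",        "path": r"HKCU\Software\Contoso\Settings\Lang", "data": "en"},
    {"pid": 2088, "op": "image_load",     "path": r"C:\Windows\System32\kernel32.dll"},
]

# A value written directly under Run or RunOnce in either hive (32-bit view included).
RUN_KEY_RE = re.compile(
    r"^(?:HKCU|HKLM|HKEY_CURRENT_USER|HKEY_LOCAL_MACHINE)\\Software\\(?:Wow6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$",
    re.IGNORECASE,
)

# The UAC on/off switch lives here; reading it is the classic "is UAC enabled" check.
UAC_VALUE_RE = re.compile(r"\\Policies\\System\\EnableLUA$", re.IGNORECASE)


def match_signatures(events):
    """Return (signature_name, pid, path) for every event that fires a rule.

    A path counts as dropped once a file_write to it has been seen earlier in
    the stream, so the exe/dll rules depend on event order.
    """
    dropped = set()
    hits = []
    for ev in events:
        path = ev["path"]
        key = path.lower()          # Windows paths and registry keys are case-insensitive
        op = ev["op"]
        if op == "file_write":
            dropped.add(key)
        elif op == "process_create" and key in dropped and key.endswith(".exe"):
            hits.append(("Executes dropped EXE", ev["pid"], path))
        elif op == "image_load" and key in dropped and key.endswith(".dll"):
            hits.append(("Loads dropped DLL", ev["pid"], path))
        elif op == "reg_set" and RUN_KEY_RE.match(path):
            hits.append(("Adds Run key to start application", ev["pid"], path))
        elif op == "reg_query" and UAC_VALUE_RE.search(path):
            hits.append(("Checks whether UAC is enabled", ev["pid"], path))
    return hits


if __name__ == "__main__":
    for name, pid, path in match_signatures(EVENTS):
        print(f"[{name}] pid={pid} {path}")
```

The Run-key rule is the one worth tuning in a real pipeline: legitimate installers also write there, so the sandbox verdict above only becomes interesting in combination with the dropped-EXE and injection signatures, which is why Triage-style reports list them together rather than scoring any one of them alone.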

MITRE ATT&CK Enterprise v15