General

  • Target

    7315a7e24b903536485987c77dc91956

  • Size

    2.9MB

  • Sample

    240124-21hg5abbck

  • MD5

    7315a7e24b903536485987c77dc91956

  • SHA1

    526cd2d7389cda304cc3c81c002c1114073f1c92

  • SHA256

    17b5bae1fc1b7efdbcd4dc107c246ffe24201cdb7e3bafe80e23b7e5f3c1169b

  • SHA512

    b3399a9415848cb351726ff2bebf8124086f61d5cb5823a7789dab291da8780f5ef313b662a1a925054e8ffde76f5f5b960b774f51b9b894d02733bd4ef33489

  • SSDEEP

    12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      7315a7e24b903536485987c77dc91956

    • Size

      2.9MB

    • MD5

      7315a7e24b903536485987c77dc91956

    • SHA1

      526cd2d7389cda304cc3c81c002c1114073f1c92

    • SHA256

      17b5bae1fc1b7efdbcd4dc107c246ffe24201cdb7e3bafe80e23b7e5f3c1169b

    • SHA512

      b3399a9415848cb351726ff2bebf8124086f61d5cb5823a7789dab291da8780f5ef313b662a1a925054e8ffde76f5f5b960b774f51b9b894d02733bd4ef33489

    • SSDEEP

      12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks