General

  • Target

    71bb36f4bcc6b93c90c000f353db7173

  • Size

    1.6MB

  • Sample

    240124-j6md6adgcj

  • MD5

    71bb36f4bcc6b93c90c000f353db7173

  • SHA1

    4089e571bfda56a10036636485e1113cfb5fe669

  • SHA256

    bad6364c6a3a60c2e7982bb223a06f05ec95abf264dc500f75d2454642d84034

  • SHA512

    7845c3f5a2e5c78251e2accc1a0be49c9e0d6b3c85231bd417b2e806048e62389bb2d6088a6909f39e1573daf455f9cec629d98d9c0f02ab41099c5f96317615

  • SSDEEP

    12288:QVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:VfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks