General

  • Target: 72069f253d65873ca37d22ed502e1911

  • Size: 3.7MB

  • Sample: 240124-mtys7sgda5

  • MD5: 72069f253d65873ca37d22ed502e1911

  • SHA1: 551a0c0ea3996301997e8f133c3ab4933456b7db

  • SHA256: 95675ed8705063e78d6feec16544b7d5bbe62b4bc34b13462280c0ec046f0d71

  • SHA512: 113a86c3fd39d5cb43ccfbee1a8ca8a0f2c08d76439eb39c228f1a56432ab121f61696087b21df958b15b16b16c3169d5109aac638ab60b91eb4ce76b9dc52a1

  • SSDEEP: 12288:bVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1K8yQy:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnbKn

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks