General

  • Target: 726f982410725cb34272e9e44b3c0310
  • Size: 2.0MB
  • Sample: 240124-rdv5lacbgj
  • MD5: 726f982410725cb34272e9e44b3c0310
  • SHA1: 8450bd8609660c8fee5e0a8460e391b44ef07bfd
  • SHA256: 1af3b38b228078c0c78e70ef3bf82e55635240069d5f982819899db2bf5d9972
  • SHA512: e1540efb22d0c7bf2f5a0f1a9ad38f0d78d741db0c49c4628f620f315e4a093b449628b12aabd597c89042344318b3db6dad4ca03e3390d67944c84f72cfb728
  • SSDEEP: 12288:MVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:5fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks