General

  • Target

    74aa7a7b1a55a686da6fb64c99496b53

  • Size

    3.2MB

  • Sample

    240125-pcbcpagbbk

  • MD5

    74aa7a7b1a55a686da6fb64c99496b53

  • SHA1

    baf7fcf0fe7a57031c1285f02cb4a0814e54fa31

  • SHA256

    e12d72cce77128cc87490c508bb9e32003d1141cf5ccc962117961d65c2d71ab

  • SHA512

    6e7d2349024ceb235cb85ddc9c88695796197d9dd84f19518e0639f93f5cd0cd713c216d04f85e961be6115b93e34e4fc39912b8b9262b2f8b69ed7d68ef05b1

  • SSDEEP

    12288:4VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:tfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      74aa7a7b1a55a686da6fb64c99496b53

    • Size

      3.2MB

    • MD5

      74aa7a7b1a55a686da6fb64c99496b53

    • SHA1

      baf7fcf0fe7a57031c1285f02cb4a0814e54fa31

    • SHA256

      e12d72cce77128cc87490c508bb9e32003d1141cf5ccc962117961d65c2d71ab

    • SHA512

      6e7d2349024ceb235cb85ddc9c88695796197d9dd84f19518e0639f93f5cd0cd713c216d04f85e961be6115b93e34e4fc39912b8b9262b2f8b69ed7d68ef05b1

    • SSDEEP

      12288:4VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:tfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks