General

  • Target

    757e0a2c79443f7d9de1d2fa72898839

  • Size

    668KB

  • Sample

    240125-zmzs5sfbd6

  • MD5

    757e0a2c79443f7d9de1d2fa72898839

  • SHA1

    60098803bc798f80bf40d9f4621651f344c6dc23

  • SHA256

    18d9182f2a3793c2c3eae6bb486603ed056d9bd1d3303da091ceaa8fbed7228b

  • SHA512

    018eb061037a6f67b58978399855a60802d4cb3b3822d23c2747de1d5d83258dabb10d1423510cf8cff05f5c25828685f3cf190b8d68bee3484595b71f4edda0

  • SSDEEP

    6144:o34xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:oIKp/UWCZdCDh2IZDwAFRpR6Au

Targets

    • Target

      757e0a2c79443f7d9de1d2fa72898839


    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15