General

  • Target

    76afafbe9ec4d9c894720599f9812cee

  • Size

    2.0MB

  • Sample

    240126-hqyxkshfan

  • MD5

    76afafbe9ec4d9c894720599f9812cee

  • SHA1

    3258bddf1f2dafc5b70b134ccddeab342a32fafc

  • SHA256

    44e96f3c81f9089ec61e412623a4f0b474893a9f84acef4e32b318f1d2bbc15e

  • SHA512

    52f4944a4be7ede4951aa3b29ffb160e62832d62c3cb446bf68c43faaa9e8d06d0a3df44a9301d2d382c08931f8e57409493f507f3fe93d738e865527344d613

  • SSDEEP

    12288:cVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:pfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      76afafbe9ec4d9c894720599f9812cee

    • Size

      2.0MB

    • MD5

      76afafbe9ec4d9c894720599f9812cee

    • SHA1

      3258bddf1f2dafc5b70b134ccddeab342a32fafc

    • SHA256

      44e96f3c81f9089ec61e412623a4f0b474893a9f84acef4e32b318f1d2bbc15e

    • SHA512

      52f4944a4be7ede4951aa3b29ffb160e62832d62c3cb446bf68c43faaa9e8d06d0a3df44a9301d2d382c08931f8e57409493f507f3fe93d738e865527344d613

    • SSDEEP

      12288:cVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:pfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks