General

  • Target

    772b68bf3048024e686be386fbfe5083

  • Size

    652KB

  • Sample

    240126-mzhzyadcej

  • MD5

    772b68bf3048024e686be386fbfe5083

  • SHA1

    458a9a79779cf07157ec419d9511975e2f8aa2c8

  • SHA256

    7c62dc19058fca240cc5e8942a240f7691e6066aa3d59a51185ac3209e8f1409

  • SHA512

    18164714b6ced7284218c0dc8c4e0013b1b08084e07f89322564bdd0bf5d37c62edcb947965e1384e26fe36dd7d613a82697a4429fc935ee1557edf3c9290d62

  • SSDEEP

    12288:8KYQ5LL540CV3UIeLPrleV1F0e8gMA/9L0l3HATpKR4:9YQ5p4f0POF0nkls3opKR

Malware Config

Targets

    • Target

      772b68bf3048024e686be386fbfe5083

    • Size

      652KB

    • MD5

      772b68bf3048024e686be386fbfe5083

    • SHA1

      458a9a79779cf07157ec419d9511975e2f8aa2c8

    • SHA256

      7c62dc19058fca240cc5e8942a240f7691e6066aa3d59a51185ac3209e8f1409

    • SHA512

      18164714b6ced7284218c0dc8c4e0013b1b08084e07f89322564bdd0bf5d37c62edcb947965e1384e26fe36dd7d613a82697a4429fc935ee1557edf3c9290d62

    • SSDEEP

      12288:8KYQ5LL540CV3UIeLPrleV1F0e8gMA/9L0l3HATpKR4:9YQ5p4f0POF0nkls3opKR

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks