General

  • Target

    77810543496dc906d195460796a0219f

  • Size

    1.7MB

  • Sample

    240126-qwrz8agbfq

  • MD5

    77810543496dc906d195460796a0219f

  • SHA1

    715be388b02b3699ec35b93d4ad823e6b0127c91

  • SHA256

    3df740c27f3febda3ee2de2dfb8825fec9efdf4017ef648ff61b91d77f76f8ba

  • SHA512

    21fc370d2143019708e8980c089ec7ab3c930b3c5040c8a05b579312ddd16295d4efeb191a7c4b3cfd6ee570b7a351052268633880bd79aa68330f1bca1c033d

  • SSDEEP

    12288:sVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ZfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks