General

  • Target

    778d4730d5f23525661b573a83f5a65f

  • Size

    1.7MB

  • Sample

    240126-rb1x3agfgk

  • MD5

    778d4730d5f23525661b573a83f5a65f

  • SHA1

    b4363f418266b63f4036546ab4a54e52fd530c2d

  • SHA256

    72ab82c1cb0c63ec0a02f3bd9061de964700d7490d0704cafc3eb3459b0e906d

  • SHA512

    0ae77c82fb95805277f52235354ae296455ffb7c33a863dff46b6245738fadec923dfe742c2554bdbb53cebc664c58630cbce935c5ddf714ca1bf55f9ae105cd

  • SSDEEP

    12288:CVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ffP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
