General

  • Target

    779ba17cb5ed3bb94e1d07aa171986a5

  • Size

    2.2MB

  • Sample

    240126-rvw38ahber

  • MD5

    779ba17cb5ed3bb94e1d07aa171986a5

  • SHA1

    058718b265fcc9798876a651e78bc532bc472e8f

  • SHA256

    be9b2a400439006f513f0980901a98e17cc45eb12faab2c4bf9dbb87615049fb

  • SHA512

    8063b1a68cd965b671b943e7b90306df0c62726b31a0a8cbdb6b8bac2b68644fa73f559c5780682a4f6562fec46819610d8fa0016a22935b1faf85f9434db256

  • SSDEEP

    12288:KVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:XfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets


    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks