General

  • Target

    785ce10521b549ee5b635b6aaebf7f7f

  • Size

    1.6MB

  • Sample

    240126-zp14zsecc5

  • MD5

    785ce10521b549ee5b635b6aaebf7f7f

  • SHA1

    abe7c72eef2d7414f84b0ff9811cfea344a35078

  • SHA256

    2841518b5acc66a9fdbea00ba90c5775124fca822a3ae725b7dc86d68bfe4689

  • SHA512

    eeb6d2c24914bef11cd8e74a1703fd65dda1d9d3fedf78bc9958c970ab69c28fd7d9963300fecc5d0076e082516d275ae8213a3cdfeb085d744b25bd447fb525

  • SSDEEP

    12288:7VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:afP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks