General

  • Target

    7968f591e01c7a4a04d2d9c53d667082

  • Size

    1.9MB

  • Sample

    240127-gavpjsfhal

  • MD5

    7968f591e01c7a4a04d2d9c53d667082

  • SHA1

    d360ace519351b3109e26800067532b2d26ee952

  • SHA256

    00a23ef486863b29a272d8b4405e375fefa0a629927a9bccd0434886b02c5cdd

  • SHA512

    261007611f113167d1e3a8c9fc1d7e6867fcb82ec8c1bf0c82f5ae6d17de7abf8807834c4d6d68720ed83c6fca428d0400ca4e86119cfe80fe1315b3cb1f29cc

  • SSDEEP

    12288:3VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1V:+fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
