General

  • Target

    7a3a76153e2caa54fc663d0fdc121d17

  • Size

    1.6MB

  • Sample

    240127-pg4vssdfgn

  • MD5

    7a3a76153e2caa54fc663d0fdc121d17

  • SHA1

    328a9e052e7a779cb70145f52761fe95ce11f2a1

  • SHA256

    4566f8ee1f24d26293566ff8f5bd093244cd716536def070a0cc36ef83be64dd

  • SHA512

    29dc194e0f6ab90c2eb34c5d989b15ac4950dca13cb3ab8eafcbfa1ac7fc5d108ee9090d25abca1be31633aa6ed0df2cf7369f7855c66f0f952d975d3f8619fd

  • SSDEEP

    12288:SVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:PfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      7a3a76153e2caa54fc663d0fdc121d17

    • Size

      1.6MB

    • MD5

      7a3a76153e2caa54fc663d0fdc121d17

    • SHA1

      328a9e052e7a779cb70145f52761fe95ce11f2a1

    • SHA256

      4566f8ee1f24d26293566ff8f5bd093244cd716536def070a0cc36ef83be64dd

    • SHA512

      29dc194e0f6ab90c2eb34c5d989b15ac4950dca13cb3ab8eafcbfa1ac7fc5d108ee9090d25abca1be31633aa6ed0df2cf7369f7855c66f0f952d975d3f8619fd

    • SSDEEP

      12288:SVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:PfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks