General

  • Target

    82db4107f6e131cd91a70e918dc4bfb2

  • Size

    3.1MB

  • Sample

    240130-3gwfbafce5

  • MD5

    82db4107f6e131cd91a70e918dc4bfb2

  • SHA1

    113d6fe86befdae836743292ba115bbfd63edbd7

  • SHA256

    297b30d04329d60ca335b82dd1d813b21d884fe642e602b61a9314501ad69782

  • SHA512

    92c92584210b0c0bf9b6d1798a0db0b21901763ef07f93bf176a607ae6448be6e2e82ecc909df5aa65f3a02899cf80c75357d08e544e85438e11a1430c14c6a7

  • SSDEEP

    12288:FVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1I1:cfP7fWsK5z9A+WGAW+V5SB6Ct4bnbI1

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks