General

  • Target

    820d38a0c687ab0b550fe547c7bb1d6a

  • Size

    1.7MB

  • Sample

    240130-k73cfachd3

  • MD5

    820d38a0c687ab0b550fe547c7bb1d6a

  • SHA1

    cf838d2bfcdc092fc2ed5d91225c487dbeaa0c54

  • SHA256

    9ddd12552dc5850ed10c847816d6e5f80272a66117d765587662065ede3435c5

  • SHA512

    a0786486bf985c7872c50c7e6a5af21ecee4295ec3fff1cae965d59422004bc00ce346e31c66a2af0c0481db634aeb87393dff80795f6a57903ee3f17426ca4e

  • SSDEEP

    12288:jVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:yfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
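
    The four behavioural signatures above (dropped EXE executed, dropped DLL loaded, Run key added, UAC state queried) are the kind of thing an analyst re-derives from a sandbox API trace when validating a report. The script below is an added example, not output or code from the sandbox that produced this page: it runs simple detection logic over a constructed trace in a hypothetical `key=value` line format (process IDs, paths, and registry values are placeholders) and reports which of the listed behaviours it finds.

```python
"""Re-derive the behavioural signatures from this report over a sandbox API trace.

Added example. The trace format (one event per line, space-separated key=value
pairs, values without spaces) is hypothetical and the trace itself is constructed;
it is not output from the sandbox that produced the report.
"""
import re
from typing import Dict, List, Tuple

# Constructed trace: a dropper writes an EXE and a DLL to %TEMP%, runs the EXE,
# which loads the DLL, queries EnableLUA (UAC state) and installs a Run key.
SAMPLE_TRACE = """\
pid=2108 api=CreateFileW path=C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe access=GENERIC_WRITE
pid=2108 api=CreateFileW path=C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll access=GENERIC_WRITE
pid=2108 api=CreateProcessW path=C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe
pid=3320 api=LoadLibraryW path=C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll
pid=3320 api=LoadLibraryW path=C:\\Windows\\System32\\kernel32.dll
pid=3320 api=RegQueryValueExW key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System value=EnableLUA
pid=3320 api=RegSetValueExW key=HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run value=upd data=C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe
"""

TOKEN_RE = re.compile(r"(\w+)=(\S+)")
# Persistence keys: ...\CurrentVersion\Run and ...\CurrentVersion\RunOnce (any hive).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
# UAC policy key that holds the EnableLUA value.
UAC_KEY_RE = re.compile(r"\\Policies\\System$", re.IGNORECASE)


def parse_event(line: str) -> Dict[str, str]:
    """Split one 'k=v k=v ...' trace line into a dict."""
    return {k: v for k, v in TOKEN_RE.findall(line)}


def norm(path: str) -> str:
    """Windows paths are case-insensitive; compare them lower-cased."""
    return path.lower()


def triage(trace: str) -> List[Tuple[str, str]]:
    """Return (signature name, detail) pairs, in trace order.

    'Dropped' means the sample itself wrote the file (CreateFileW for write)
    earlier in the trace; executing or loading such a file is what the
    'Executes dropped EXE' / 'Loads dropped DLL' signatures describe.
    """
    dropped = set()
    findings: List[Tuple[str, str]] = []
    for raw in trace.splitlines():
        ev = parse_event(raw)
        api = ev.get("api", "")
        path = norm(ev.get("path", ""))
        key = ev.get("key", "")
        if api == "CreateFileW" and "GENERIC_WRITE" in ev.get("access", ""):
            dropped.add(path)
        elif api == "CreateProcessW" and path in dropped:
            findings.append(("Executes dropped EXE", ev["path"]))
        elif api == "LoadLibraryW" and path in dropped:
            findings.append(("Loads dropped DLL", ev["path"]))
        elif api == "RegSetValueExW" and RUN_KEY_RE.search(key):
            detail = f"{key}\\{ev.get('value', '')} = {ev.get('data', '')}"
            findings.append(("Adds Run key to start application", detail))
        elif (api == "RegQueryValueExW"
              and ev.get("value", "").lower() == "enablelua"
              and UAC_KEY_RE.search(key)):
            findings.append(("Checks whether UAC is enabled", key))
    return findings


def signatures(trace: str) -> List[str]:
    """Distinct signature names hit by the trace, sorted for stable comparison."""
    return sorted({name for name, _ in triage(trace)})


if __name__ == "__main__":
    for name, detail in triage(SAMPLE_TRACE):
        print(f"{name}: {detail}")
```

    Note what the logic does not do: a LoadLibraryW of a system DLL (kernel32.dll in the trace) is ignored because the sample never wrote it, and a registry read of EnableLUA is only visible in an API-level trace; an ETW or Sysmon event stream records value writes, not reads, so the UAC check would have to be inferred differently there.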

MITRE ATT&CK Enterprise v15

Tasks