General

  • Target

    81f7894d5f57875aac520d9601f29693

  • Size

    1.7MB

  • Sample

    240130-kfdj1acbf9

  • MD5

    81f7894d5f57875aac520d9601f29693

  • SHA1

    4d2eceac1f40f5fe233c6ba1a1653b058173afed

  • SHA256

    a6f1f005d6597eeaad112e697cdc23a870332a42fd7f897df28d80450d8f1801

  • SHA512

    529bdda31f96e411ef5666581d4fa91ec4e9a14eae64eb544fca05910a3eb52d53f2b3d91153489bfa19d1e87e44075a0a6c04607fd5acaf66e25fcdd861870f

  • SSDEEP

    12288:kVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:BfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks