General

  • Target: 8443322739870ab27a1db14eabc12b55

  • Size: 1.4MB

  • Sample: 240131-nbrgvacfgm

  • MD5: 8443322739870ab27a1db14eabc12b55

  • SHA1: 5481baebc9122bcd4c65e1afb7f02547f568f3f9

  • SHA256: caebc606f9cc00c645b3cc46aa6f0fc68cf20a2b832175b14965f5777b5981ca

  • SHA512: 14f20116050d45e6bd7d91e38f87896c0c60c62b80e932325124835ded394e5984b938b544c434934a73bc4deb983e28723524d3223b376e32c5f2e8958cf925

  • SSDEEP: 12288:cVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:pfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks