General

  • Target

    8460ca6c008df062af50bb935cad86e0

  • Size

    2.7MB

  • Sample

    240131-pbp5fsbgb2

  • MD5

    8460ca6c008df062af50bb935cad86e0

  • SHA1

    c7d9a2b3fa86c6f68c1afda5ebcd80fbb52fc42b

  • SHA256

    b656eba38e60d3e5cf61d0f7ee76348ec9053509d5c3fe2c3256eee34993cccd

  • SHA512

    40ce6d2e128b77057347d484a3549c06441fb132a837956c412efe90e39e4314eaaaf8b7de092acb7d6ffc5ae2e5886016b956ca29c8607b6dbb8665adb92a38

  • SSDEEP

    12288:4VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:tfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      8460ca6c008df062af50bb935cad86e0

    • Size

      2.7MB

    • MD5

      8460ca6c008df062af50bb935cad86e0

    • SHA1

      c7d9a2b3fa86c6f68c1afda5ebcd80fbb52fc42b

    • SHA256

      b656eba38e60d3e5cf61d0f7ee76348ec9053509d5c3fe2c3256eee34993cccd

    • SHA512

      40ce6d2e128b77057347d484a3549c06441fb132a837956c412efe90e39e4314eaaaf8b7de092acb7d6ffc5ae2e5886016b956ca29c8607b6dbb8665adb92a38

    • SSDEEP

      12288:4VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:tfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks