General

  • Target

    846540a9573e476e30b92db75daf0040

  • Size

    1.7MB

  • Sample

    240131-pgp2msbha5

  • MD5

    846540a9573e476e30b92db75daf0040

  • SHA1

    855922518de0270d786c73a8fff57122dcd0c91b

  • SHA256

    5e53ece48ca9fe32af72a2718f10fe2dd25db88a393f7011a3805115f6b6bd46

  • SHA512

    697f7c5a25e285d8d308d94e7172851083ea0e51a791ff9838c5999c560667a2850d3912593e3c94ec4eef256577487b008a5aef5448d56d1c437d4cd4e4646c

  • SSDEEP

    12288:zVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1a1:ifP7fWsK5z9A+WGAW+V5SB6Ct4bnba1

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks