General

  • Target

    87f4ff988b3efc9a3e0d996f68db1be0

  • Size

    2.0MB

  • Sample

    240201-3kxsjsgfb4

  • MD5

    87f4ff988b3efc9a3e0d996f68db1be0

  • SHA1

    89c3b7a72d3dab1fbf000ec432f9e4bdf8169c67

  • SHA256

    a7f598f265286347b55802674110210e08986dad0a49bdd83caf30ee6d6085f0

  • SHA512

    7487d405c81a5a1fb200ffd92223569f782168a092fb09d318e55ba76faece7a8edfbaf97f727f9bff7c92f695a69f33b78d77e66a989e51071d9641669292c0

  • SSDEEP

    12288:kVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1dP4bL:BfP7fWsK5z9A+WGAW+V5SB6Ct4bnbc

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks