General

  • Target

    85e07e2192815cfa564f16edf062c8af

  • Size

    2.2MB

  • Sample

    240201-em2bracgfp

  • MD5

    85e07e2192815cfa564f16edf062c8af

  • SHA1

    843a10890c2c0c2df9d3bf43de2334cf020726d9

  • SHA256

    04952d47ce4e62e8f4c7917d557ae78e8d6944b20d050e33444f5dfae68e784c

  • SHA512

    45e193918f286b142000ca3a66afbc204262c0d03b88f5e54bf991aa8a5addb15e762a6dfaf9a1ace4ea0ede4a9afdb7297f894d9aa6e2d64f2ae106f21a5396

  • SSDEEP

    12288:iVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1oeGf:/fP7fWsK5z9A+WGAW+V5SB6Ct4bnbod

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15