General

  • Target

    875d030c5fc6c9897bd817f84ca43711

  • Size

    2.9MB

  • Sample

    240201-t1zseahhd4

  • MD5

    875d030c5fc6c9897bd817f84ca43711

  • SHA1

    865b73891c48646127255bfdc6104552b7aa90a4

  • SHA256

    2303cd17c0c377a2c2446c1267c7ff5a772e4cc30c721eddf332fae15489d256

  • SHA512

    d67ae0e3134a96e7c3948813206839eb330f411104751450cd600b4b7aea549aa2c140b9b45c9c7d36c21b4c09c3ed83c89eac384816dd5942c4d07490cca48b

  • SSDEEP

    12288:tVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:0fP7fWsK5z9A+WGAW+V5SB6Ct4bnb
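
Before detonating or sharing a file believed to be this sample, confirm it is the one the report describes. The following Python is an added example, not part of the report or the sandbox's own tooling: it recomputes the four cryptographic digests listed above with the standard library and returns the algorithms that disagree. SSDEEP is a fuzzy hash with no standard-library implementation (the third-party `ssdeep` package provides one), so it is not checked here.

```python
import hashlib

# Digests listed in the report above for the sample (hex, lowercase).
REPORT_HASHES = {
    "md5": "875d030c5fc6c9897bd817f84ca43711",
    "sha1": "865b73891c48646127255bfdc6104552b7aa90a4",
    "sha256": "2303cd17c0c377a2c2446c1267c7ff5a772e4cc30c721eddf332fae15489d256",
    "sha512": "d67ae0e3134a96e7c3948813206839eb330f411104751450cd600b4b7aea549a"
              "a2c140b9b45c9c7d36c21b4c09c3ed83c89eac384816dd5942c4d07490cca48b",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> dict:
    """Hex digests of `data` for every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digests_of_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same as digests(), but streamed so a multi-megabyte sample is not read in one go."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def mismatches(actual: dict, expected: dict) -> list:
    """Algorithms in `expected` whose digest differs from `actual` (empty list = match).

    Comparison is case-insensitive because report pages sometimes print upper-case hex.
    """
    return [alg for alg, want in expected.items()
            if actual.get(alg, "").lower() != want.lower()]


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-sample>
    bad = mismatches(digests_of_file(sys.argv[1]), REPORT_HASHES)
    print("sample matches report" if not bad else f"MISMATCH on: {', '.join(bad)}")
```

A single mismatching algorithm is enough to reject the file: the report's hashes were all computed over the same bytes, so a partial match means you have a different file (or a truncated download), not a collision.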

Malware Config

Targets

    • Target

      875d030c5fc6c9897bd817f84ca43711

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process (explorer.exe).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application (persistence through a CurrentVersion\Run registry value)

    • Checks whether UAC is enabled (typically by reading the EnableLUA policy value)
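
The four behavioural signatures above are produced by matching the sandbox's API trace against simple ordered rules. The following Python is an added illustration, not code from the report or from the sandbox vendor: it replays a constructed trace (invented for the example, not captured from this sample) and derives the same four verdicts. The event field names (`api`, `path`, `key`, `value`, `data`), the API name sets and the `EVENTS` data are all assumptions.

```python
import re
from collections import defaultdict

# Constructed API trace (invented for illustration, not captured from this sample).
# Each dict is one monitored call in observation order; pid 1204 is the original
# sample, pid 1880 the child it launched.
EVENTS = [
    {"pid": 1204, "api": "NtWriteFile", "path": r"C:\Users\Admin\AppData\Local\Temp\upd.exe"},
    {"pid": 1204, "api": "NtWriteFile", "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 1204, "api": "CreateProcessW", "path": r"C:\Users\Admin\AppData\Local\Temp\UPD.EXE"},
    {"pid": 1880, "api": "LdrLoadDll", "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 1880, "api": "RegSetValueExW",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "upd", "data": r"C:\Users\Admin\AppData\Local\Temp\upd.exe"},
    {"pid": 1880, "api": "RegQueryValueExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "EnableLUA"},
    # Launching a system binary is not "executes dropped EXE": the sample never wrote it.
    {"pid": 1880, "api": "CreateProcessW", "path": r"C:\Windows\System32\cmd.exe"},
]

WRITE_APIS = {"NtWriteFile", "WriteFile"}
EXEC_APIS = {"CreateProcessW", "CreateProcessA", "NtCreateUserProcess"}
LOAD_APIS = {"LdrLoadDll", "LoadLibraryW", "LoadLibraryA", "LoadLibraryExW"}
REG_SET_APIS = {"RegSetValueExW", "RegSetValueExA", "NtSetValueKey"}
REG_QUERY_APIS = {"RegQueryValueExW", "RegQueryValueExA", "NtQueryValueKey"}

# Autostart locations: ...\CurrentVersion\Run and \RunOnce under HKCU or HKLM.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
# The UAC policy key; the flag queried is EnableLUA.
UAC_KEY_RE = re.compile(r"\\Policies\\System$", re.IGNORECASE)


def evaluate(events):
    """Replay `events` in order and return {signature name: [evidence, ...]}.

    Order matters: a file only counts as "dropped" for calls that come after the
    write, which is why the trace is scanned once, front to back. Paths are
    compared case-insensitively because NTFS paths are.
    """
    hits = defaultdict(list)
    dropped = set()  # lower-cased paths written by a monitored process so far
    for ev in events:
        api, path = ev["api"], ev.get("path", "").lower()
        where = f"pid {ev['pid']}: {ev.get('path') or ev.get('key')}"
        if api in WRITE_APIS and path:
            dropped.add(path)  # a real engine also checks the process created the file
        elif api in EXEC_APIS and path in dropped and path.endswith(".exe"):
            hits["Executes dropped EXE"].append(where)
        elif api in LOAD_APIS and path in dropped:
            hits["Loads dropped DLL"].append(where)
        elif api in REG_SET_APIS and RUN_KEY_RE.search(ev.get("key", "")):
            hits["Adds Run key to start application"].append(
                f"{where}\\{ev.get('value')} = {ev.get('data')}")
        elif (api in REG_QUERY_APIS and UAC_KEY_RE.search(ev.get("key", ""))
              and ev.get("value", "").lower() == "enablelua"):
            hits["Checks whether UAC is enabled"].append(where)
    return dict(hits)


def triggered(events):
    """Sorted names of the signatures that fired, as the report lists them."""
    return sorted(evaluate(events))


if __name__ == "__main__":
    for name, evidence in evaluate(EVENTS).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

The "dropped" set is the part worth copying: "Executes dropped EXE" and "Loads dropped DLL" are only meaningful relative to files the monitored process tree wrote earlier in the same run, so a launch of a pre-existing system binary (the cmd.exe event above) must not fire them.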

MITRE ATT&CK Enterprise v15

Tasks