General

  • Target

    88668b1d3f06f675f928f23dd79da143

  • Size

    2.0MB

  • Sample

    240202-dpaq5segdl

  • MD5

    88668b1d3f06f675f928f23dd79da143

  • SHA1

    c032664de6dc7c1c3380fba695c51cb453ade557

  • SHA256

    b211dfe06a94fe21d84592e03c8f26bc8529eccb6b4ee1bcc7784ffa27f1851a

  • SHA512

    e7a8d2f5d1ba3ffc35ae4da94c25b7b74b80bad5ade5a749b625e3740e246189f482504a04482cd7a35c7d1ca8f30d4f31b989a95a06562dccea6b38f7e018d6

  • SSDEEP

    24576:qfP7fWsK5z9A+WGAW+V5SB6Ct4bnb+sJS:+DW/e+WG0Vo6CtSn

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks