General

  • Target

    8958de5c2bf9701d5a7d93d25444c447

  • Size

    1.7MB

  • Sample

    240202-m51ryacdd7

  • MD5

    8958de5c2bf9701d5a7d93d25444c447

  • SHA1

    a7ce13895a1f347b2efb1b028041e78376a8193d

  • SHA256

    f07f4994e0fb57cc2f550e7cc7059b2eb27470c13df7ff76e488626d7e8c5efb

  • SHA512

    5dee19a23e54b34acd0a7eca69ebdac3f9c5c0b124d07640a075013f3610263172a7ea804bb1176294e4e800ce2d16e5670fec4455fef21a67c68f8f0183fbbf

  • SSDEEP

    12288:rVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:qfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks