General

  • Target

    8dadabeb855e09466cb759b82a28b258

  • Size

    1.7MB

  • Sample

    240203-3st2macfb9

  • MD5

    8dadabeb855e09466cb759b82a28b258

  • SHA1

    8ab44a1904196da9c425c19c6f1a99c747eb95e6

  • SHA256

    ded1b9fce379f91e8b86bdcdc83e8f6cac8132e3eb81b319134101fa060a4e1e

  • SHA512

    61a1f46664bc16e4b75eedc102e592ba6ebd71d9ccdeb0a97f9b7d44fe4343eadcf32686f390832bc6eebf93a65fea71bab1326f409180fdff650d705c055d3a

  • SSDEEP

    12288:KVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:XfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks