General

  • Target

    8b2da4bc95bf5e9eea4dc9d881a63a64

  • Size

    1.7MB

  • Sample

    240203-c4ah9aheaq

  • MD5

    8b2da4bc95bf5e9eea4dc9d881a63a64

  • SHA1

    06fdb3058cb3325c6b89af4501d5175466dfd2a2

  • SHA256

    1174bb23c0fc244613bdca40d8b245fa9658dd4a2af35b96dacd05a58dfcc517

  • SHA512

    9a6812aadfdc79c92b3be85881ffaec946a6cb9c6e8cd9440398b958376e259d7969bbb4d4e8807810525e0820f7a6763131314434d02d0976de94ec88e38660

  • SSDEEP

    12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      8b2da4bc95bf5e9eea4dc9d881a63a64

    • Size

      1.7MB

    • MD5

      8b2da4bc95bf5e9eea4dc9d881a63a64

    • SHA1

      06fdb3058cb3325c6b89af4501d5175466dfd2a2

    • SHA256

      1174bb23c0fc244613bdca40d8b245fa9658dd4a2af35b96dacd05a58dfcc517

    • SHA512

      9a6812aadfdc79c92b3be85881ffaec946a6cb9c6e8cd9440398b958376e259d7969bbb4d4e8807810525e0820f7a6763131314434d02d0976de94ec88e38660

    • SSDEEP

      12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks