General

  • Target

    8b730e046a9e00dbcd4b779adfff1900

  • Size

    3.4MB

  • Sample

    240203-fjxptscafl

  • MD5

    8b730e046a9e00dbcd4b779adfff1900

  • SHA1

    f0e85cba569ea41a1718ff7b0d9ecf9a6f16173d

  • SHA256

    c6247f54feaf52ef5309f6e1036ed4702a6b892ed0f041ae95481e6d58189a60

  • SHA512

    50b45e5ed09ff723c3ce2be1ce7347d30ca9825f7f8970047072fd9cfd80d8e820e0a3897962beb2bfe0ac17b232ff5925d3c8ca9a0f9bbc6b83fc2ea88f7643

  • SSDEEP

    12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks