General

  • Target

    8e8a446dc30bc82e523df387c3558ef3

  • Size

    1.4MB

  • Sample

    240204-h3wmzscbf5

  • MD5

    8e8a446dc30bc82e523df387c3558ef3

  • SHA1

    1621bb8aca3dbe07a49f4a77accea97d903da6aa

  • SHA256

    a54623a63baec7f1daef543a37cd351d9eb8b68280815c9a62ca563a3f4eb613

  • SHA512

    cb1fe3af31d2c63aaacb5d880b926fdc073c61dc8e764aa4100a22e005152b3ee04608aff299dbd5c8da4853c69e5e6678a4cb79937cc8f2cf46e74b42094374

  • SSDEEP

    12288:bVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnb
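The four cryptographic hashes above are the indicators a responder would actually match on. The script below is an added example, not part of the report or of any sandbox tooling: it streams a file through MD5/SHA1/SHA256/SHA512 in one pass, compares the result against the indicators copied from this report, and can walk a directory. SSDEEP is left out because computing it needs the third-party `ssdeep` package, and fuzzy-hash scoring is a separate comparison step anyway. The function and constant names are this example's own.

```python
import hashlib
from pathlib import Path

# Indicators copied from the report above (lowercase hex).
IOC_HASHES = {
    "md5": "8e8a446dc30bc82e523df387c3558ef3",
    "sha1": "1621bb8aca3dbe07a49f4a77accea97d903da6aa",
    "sha256": "a54623a63baec7f1daef543a37cd351d9eb8b68280815c9a62ca563a3f4eb613",
    "sha512": "cb1fe3af31d2c63aaacb5d880b926fdc073c61dc8e764aa4100a22e005152b3ee04608aff299dbd5c8da4853c69e5e6678a4cb79937cc8f2cf46e74b42094374",
}


def digest_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of an in-memory byte string for every
    algorithm listed in IOC_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers at once, so a large sample is
    read from disk only once."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = IOC_HASHES) -> list:
    """Return the names of the algorithms whose digest equals an indicator.

    Any single algorithm matching is a hit. If one algorithm matches while
    another listed for the same sample does not, the indicator set itself is
    inconsistent (typo, or mixed-up samples) and should be re-checked rather
    than trusted."""
    return [name for name, value in digests.items()
            if iocs.get(name) == value.lower()]


def scan_directory(root, iocs: dict = IOC_HASHES) -> dict:
    """Walk a directory tree and return {path: [matched algorithms]} for every
    file whose digest hits an indicator."""
    hits = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            matched = match_iocs(digest_file(p), iocs)
            if matched:
                hits[str(p)] = matched
    return hits


if __name__ == "__main__":
    import sys

    # Usage: python ioc_hash_check.py <file-or-directory> ...
    for arg in sys.argv[1:]:
        target = Path(arg)
        if target.is_dir():
            for path, algos in scan_directory(target).items():
                print(f"HIT  {path}  ({', '.join(algos)})")
        else:
            algos = match_iocs(digest_file(target))
            print(f"{'HIT ' if algos else 'miss'} {target}  ({', '.join(algos) or '-'})")
```

Run it against a quarantine folder or a single suspect file; a hit on any one algorithm is enough to confirm the sample, and the full digest dictionary is returned so the other three can be recorded for the case file.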

Malware Config

Targets

    • Target

      8e8a446dc30bc82e523df387c3558ef3

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online-banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
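Three of the behavioural signatures above ("Executes dropped EXE", "Loads dropped DLL", "Adds Run key to start application") can be reproduced from host telemetry without a sandbox. The script below is an added example, not part of the report or of any sandbox product: it runs simple detection logic over a constructed stream of Sysmon-style events (IDs 11 FileCreate, 1 ProcessCreate, 7 ImageLoad, 13 RegistryEvent) and flags those three behaviours. The events, paths and SID are invented for illustration. The UAC check (reading EnableLUA) is an in-process API/registry read that Sysmon does not record, so it is not covered here.

```python
import json

# Constructed Sysmon-style events, one JSON object per line. Not from the
# sandbox run; the paths and the SID are invented for this example.
SAMPLE_EVENTS = r"""
{"EventID": 1,  "Image": "C:\\Users\\victim\\Downloads\\invoice.exe", "ProcessId": 4212, "ParentImage": "C:\\Windows\\explorer.exe"}
{"EventID": 11, "Image": "C:\\Users\\victim\\Downloads\\invoice.exe", "TargetFilename": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe"}
{"EventID": 11, "Image": "C:\\Users\\victim\\Downloads\\invoice.exe", "TargetFilename": "C:\\Users\\victim\\AppData\\Local\\Temp\\helper.dll"}
{"EventID": 1,  "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe", "ProcessId": 5088, "ParentImage": "C:\\Users\\victim\\Downloads\\invoice.exe"}
{"EventID": 7,  "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe", "ImageLoaded": "C:\\Users\\victim\\AppData\\Local\\Temp\\helper.dll"}
{"EventID": 7,  "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe", "ImageLoaded": "C:\\Windows\\System32\\kernel32.dll"}
{"EventID": 13, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe", "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater", "Details": "C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe"}
{"EventID": 13, "Image": "C:\\Windows\\System32\\svchost.exe", "TargetObject": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Foo\\Start", "Details": "DWORD (0x00000002)"}
"""

# Registry key path fragments (lowercased, single backslashes) that identify
# the per-user and per-machine Run / RunOnce autostart locations.
RUN_KEY_MARKERS = (
    "\\software\\microsoft\\windows\\currentversion\\run\\",
    "\\software\\microsoft\\windows\\currentversion\\runonce\\",
)


def parse_events(text: str) -> list:
    """Parse newline-delimited JSON events, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect(events: list) -> list:
    """Walk events in order and return (signature, object, context) tuples.

    "Dropped" means a file whose creation (Event 11) was seen earlier in the
    same stream; a later ProcessCreate (1) of that path or ImageLoad (7) of it
    is flagged. Event 13 writes under a Run/RunOnce key are flagged regardless
    of who wrote them, which is deliberately broad: in production you would
    scope it to a process tree or an allow-list of known installers."""
    dropped = {}   # lowercase path -> image that wrote it
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid == 11:
            dropped[ev["TargetFilename"].lower()] = ev["Image"]
        elif eid == 1:
            image = ev["Image"].lower()
            if image in dropped:
                findings.append(("Executes dropped EXE", ev["Image"], dropped[image]))
        elif eid == 7:
            lib = ev["ImageLoaded"].lower()
            if lib in dropped:
                findings.append(("Loads dropped DLL", ev["ImageLoaded"], ev["Image"]))
        elif eid == 13:
            key = ev["TargetObject"].lower()
            if any(marker in key for marker in RUN_KEY_MARKERS):
                findings.append(("Adds Run key to start application",
                                 ev["TargetObject"], ev.get("Details")))
    return findings


def signatures_hit(events: list) -> list:
    """Distinct signature names, in first-seen order."""
    seen = []
    for name, _obj, _ctx in detect(events):
        if name not in seen:
            seen.append(name)
    return seen


if __name__ == "__main__":
    for name, obj, ctx in detect(parse_events(SAMPLE_EVENTS)):
        print(f"{name:<36} {obj}  [{ctx}]")
```

Ordering is what makes this work: the FileCreate for the payload has to be seen before the ProcessCreate or ImageLoad that uses it, so the detector must consume events in timestamp order. Point it at real Sysmon output (for example exported as JSON by a log shipper) by replacing `SAMPLE_EVENTS` with the file contents; the same four event IDs are all it needs.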

MITRE ATT&CK Enterprise v15

Tasks