General

  • Target

    8ee9f9e695c16a2a3b8b4e7045e7aadc

  • Size

    3.5MB

  • Sample

    240204-mgk2ksfbb3

  • MD5

    8ee9f9e695c16a2a3b8b4e7045e7aadc

  • SHA1

    ac7e03c930fb8732a11ceac2256a6a1b7ae2964e

  • SHA256

    c517457cd96bd4f3d8648c049817cf5aff519414fa512448f586e47bd84d0cf9

  • SHA512

    a4bfd6bfb3ddcb83bd92e7a3e00947d38e9e395e8e02b46dbfbf6835ba43eacf58b9201ccba45a7aae4fc196fba662acb6343d60d4342c5a17698b85f622cd54

  • SSDEEP

    12288:1VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:sfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
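
As an added example (not part of the sandbox report or its tooling), the following Python checks a local copy of a sample against the hashes listed above: it first verifies that each listed digest is well-formed hex of the expected length (a truncated or mistyped hash in a report is a common reason a hunt finds nothing), then hashes a file in chunks with the same four algorithms and reports a per-algorithm match. SSDEEP is left out because fuzzy hashing is not in the standard library; the byte string used for the stand-alone check is constructed and is not the sample.

```python
import hashlib
import re

# Hash values copied from the report above.
REPORT_IOCS = {
    "md5": "8ee9f9e695c16a2a3b8b4e7045e7aadc",
    "sha1": "ac7e03c930fb8732a11ceac2256a6a1b7ae2964e",
    "sha256": "c517457cd96bd4f3d8648c049817cf5aff519414fa512448f586e47bd84d0cf9",
    "sha512": "a4bfd6bfb3ddcb83bd92e7a3e00947d38e9e395e8e02b46dbfbf6835ba43eacf"
              "58b9201ccba45a7aae4fc196fba662acb6343d60d4342c5a17698b85f622cd54",
}

# Expected hex digest length per algorithm; a truncated or mistyped hash in a
# report is caught here before anyone hunts on it.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(iocs):
    """Map each algorithm to True if the listed value is hex of the right length."""
    return {
        algo: bool(re.fullmatch(r"[0-9a-fA-F]{%d}" % n, iocs.get(algo, "")))
        for algo, n in DIGEST_HEX_LEN.items()
    }


def hash_bytes(data):
    """Digest an in-memory buffer with all four algorithms."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_HEX_LEN}


def hash_file(path, chunk_size=1 << 20):
    """Digest a file in chunks so multi-megabyte samples are not read whole."""
    hashers = {algo: hashlib.new(algo) for algo in DIGEST_HEX_LEN}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(computed, iocs):
    """Per-algorithm, case-insensitive comparison of computed digests to the IOCs."""
    return {algo: computed.get(algo, "").lower() == value.lower()
            for algo, value in iocs.items()}


if __name__ == "__main__":
    import sys
    print("report hashes well-formed:", validate_iocs(REPORT_IOCS))
    if len(sys.argv) > 1:
        # Usage: python check_iocs.py <path-to-suspect-file>
        print("matches:", match_iocs(hash_file(sys.argv[1]), REPORT_IOCS))
    else:
        # Constructed input; it is not the sample, so every match is False.
        print("matches:", match_iocs(hash_bytes(b"constructed, not the sample"), REPORT_IOCS))
```

All four digests should agree or disagree together; a file that matches MD5 but not SHA256 means the report was transcribed wrongly or someone is playing with collisions, and either way the file should not be treated as the analysed sample.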

Malware Config

Targets

    • Target

      8ee9f9e695c16a2a3b8b4e7045e7aadc

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process (explorer.exe).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
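
The four behaviour signatures above map onto telemetry a defender already collects. As an added example, not from the report or the sandbox vendor, the Python below runs simple checks over constructed Sysmon-style events (process create, image load, registry value set) for a binary executed from a user-writable path, a DLL loaded from such a path, and a Run/RunOnce value being set, and over a constructed API-call trace for the EnableLUA read that corresponds to "Checks whether UAC is enabled". Sysmon does not record registry reads, so that last check is only visible in a sandbox API trace, not in host registry-write events. The paths, SIDs and event shapes are made up for the example.

```python
import re

# Constructed Sysmon-style events (field names follow Sysmon's ProcessCreate,
# ImageLoad and RegistryEvent schemas); none of this is telemetry from the report.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\victim\Downloads\invoice.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 1, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "ParentImage": r"C:\Users\victim\Downloads\invoice.exe"},
    {"EventID": 7, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "ImageLoaded": r"C:\Users\victim\AppData\Roaming\helper.dll"},
    {"EventID": 7, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "TargetObject": r"HKU\S-1-5-21-1111\Software\Microsoft\Windows\CurrentVersion\Run\upd",
     "Details": r"C:\Users\victim\AppData\Local\Temp\upd.exe"},
    {"EventID": 1, "Image": r"C:\Windows\System32\svchost.exe",
     "ParentImage": r"C:\Windows\System32\services.exe"},
]

# Constructed API-trace entries of the kind a sandbox records. Sysmon does not
# log registry reads, so the UAC check is only visible in this sort of trace.
SAMPLE_API_CALLS = [
    {"Api": "RegOpenKeyExW",
     "Key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"Api": "RegQueryValueExW",
     "Key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "ValueName": "EnableLUA"},
    {"Api": "RegQueryValueExW",
     "Key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion",
     "ValueName": "ProductName"},
]

# Directories an unprivileged user can write to; binaries running from here are
# the usual first stage of a dropper chain.
USER_WRITABLE = re.compile(
    r"\\(?:Users\\[^\\]+\\(?:AppData|Downloads)|ProgramData|Windows\\Temp)\\", re.I)
# Per-user and per-machine autostart keys.
RUN_KEY = re.compile(r"\\CurrentVersion\\(?:Run|RunOnce)\\", re.I)


def triage_events(events):
    """Return (rule, artefact) pairs for events matching the dropped-EXE,
    dropped-DLL and Run-key signatures."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid == 1 and USER_WRITABLE.search(ev["Image"]):
            findings.append(("exec_from_user_writable", ev["Image"]))
        elif eid == 7 and USER_WRITABLE.search(ev["ImageLoaded"]):
            findings.append(("dll_from_user_writable", ev["ImageLoaded"]))
        elif eid == 13 and RUN_KEY.search(ev["TargetObject"]):
            findings.append(("run_key_persistence", ev["TargetObject"]))
    return findings


def uac_status_queries(calls):
    """Return API-trace entries that read EnableLUA under Policies\\System,
    the value that says whether UAC is switched on."""
    return [c for c in calls
            if c.get("Api", "").startswith("RegQueryValue")
            and c.get("ValueName", "").lower() == "enablelua"
            and c.get("Key", "").lower().endswith(r"\policies\system")]


if __name__ == "__main__":
    for rule, artefact in triage_events(SAMPLE_EVENTS):
        print(f"{rule:26} {artefact}")
    for call in uac_status_queries(SAMPLE_API_CALLS):
        print(f"{'uac_status_query':26} {call['Api']} {call['ValueName']}")
```

On real telemetry these rules are noisy on their own (installers also run from Downloads and set Run keys); the signal is the chain, a process from a user-writable directory that loads a DLL from another one and then writes its own path into Run, so correlate the findings by process rather than alerting on each line.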

MITRE ATT&CK Enterprise v15