General

  • Target

    8fa5035edba41a44c1622f8db8bad449

  • Size

    2.2MB

  • Sample

    240204-t58wwaedg3

  • MD5

    8fa5035edba41a44c1622f8db8bad449

  • SHA1

    718ffca7d67937eb2cde8d1b8d5020be09e942ea

  • SHA256

    70b295646f4089da73d32bc921fda4a839ef5418bed54e201267c5056316971a

  • SHA512

    2524e563683d3817006f2bf2d7de60a7703735b38d61c55451446420fc4a186e7b048950c194d164be417c02d440de4c7b7e1391936ca7b71374437ce0374858

  • SSDEEP

    12288:AVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      8fa5035edba41a44c1622f8db8bad449

    • Size

      2.2MB

    • MD5

      8fa5035edba41a44c1622f8db8bad449

    • SHA1

      718ffca7d67937eb2cde8d1b8d5020be09e942ea

    • SHA256

      70b295646f4089da73d32bc921fda4a839ef5418bed54e201267c5056316971a

    • SHA512

      2524e563683d3817006f2bf2d7de60a7703735b38d61c55451446420fc4a186e7b048950c194d164be417c02d440de4c7b7e1391936ca7b71374437ce0374858

    • SSDEEP

      12288:AVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:lfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks