General

  • Target: 92da8ef77f8da35f26ca3745c5751b6e
  • Size: 2.9MB
  • Sample: 240205-yldnvafce3
  • MD5: 92da8ef77f8da35f26ca3745c5751b6e
  • SHA1: 2da1916c86694978f141eacd3a48d1637a901cb6
  • SHA256: 69dfa8005188d9abbbdd5fb36e4ca5824e0e09d3b66a6ea1591063b2a498e124
  • SHA512: 4d618e1b046243f1ea13a36a72100c2876723189614f3056981ef72515ad862c7e8bd9411ec38d2f8a86d7f96cae365b4828fc3d77f6c0f923778c015c5e4960
  • SSDEEP: 12288:PVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:mfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
