General

  • Target

    950e1f3fafa08bbaab96a8f677b969d3

  • Size

    2.6MB

  • Sample

    240206-vvbdasbgg9

  • MD5

    950e1f3fafa08bbaab96a8f677b969d3

  • SHA1

    4efcf9e8e31cab35b3d8768449db0c3ce621e9a4

  • SHA256

    25c53bf185cee62dacb8fc73f65d4e8efe610bb23512584ad275d593bf772234

  • SHA512

    560de72491536bf63efa68f945b73fb4bfd157802bb9c66245cac9144db1b81c955c152063b8929fbdb32d49ab24f4cfdb5c662712f774bebb982fa12d5295cf

  • SSDEEP

    12288:2VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:rfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks