General

  • Target

    9563ed0b9754545b3fcb4f371069c850

  • Size

    1.9MB

  • Sample

    240206-y5966ahbar

  • MD5

    9563ed0b9754545b3fcb4f371069c850

  • SHA1

    cb72c1ed0e5aea7fc98bdad13153b2f6f8e2dbbe

  • SHA256

    9196aeae25a48cad94265c4bd537d45b34095f32a9fcb4c324a1772f3a0f7f1e

  • SHA512

    ea24857063b4641951f3053d5e8da9750fcb7ba93aecd0d4918a8cd4481ae7f40e8ec10f99ecb48e20ff261c3f3953178836b6ad289d530f75b27e25b9ea506a

  • SSDEEP

    12288:yVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1lt:vfP7fWsK5z9A+WGAW+V5SB6Ct4bnblt

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks