General

  • Target

    97cf8fad5c73211c258566084c5f9fd4

  • Size

    3.2MB

  • Sample

    240212-2r3rpsfc92

  • MD5

    97cf8fad5c73211c258566084c5f9fd4

  • SHA1

    76eee12ecefa4f75adba75d6dea0f05835a37f0f

  • SHA256

    108a87b96232caa91bfca85eea7f39d6199eccdab6c9731bab39a39e69809c13

  • SHA512

    4e3175ffdec93d3e44658783e06eb3fcec7784dbc7af6512e6ae989d6c64f45186c75ffe0e55bd03c0b8ae380b098f74cc30f11bdc824c480f22f58fcbfa2938

  • SSDEEP

    12288:zVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ifP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks