General

  • Target: 978b468d366eefa3e8021e4823555155
  • Size: 1.7MB
  • Sample: 240212-tdfq1sbe72
  • MD5: 978b468d366eefa3e8021e4823555155
  • SHA1: 00f80e8cea22307b4850045b07a11d1e22ef605b
  • SHA256: 02a6e8e3bb7f4f622a24d96dc08782eef781193121b8f45aa54d542f4d2a1c0d
  • SHA512: 47d7a730582b174458c09ef31fb7b81d631365c2c2b2cc9787f6c82e2ac007c184f8a8c57fe0ad9256f7f2c1c48a4b3562d150b4c80e6354bc53803b9f046305
  • SSDEEP: 12288:MVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:5fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex: Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode: Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks