General

  • Target

    9a29a513943c5261c5751eb8f7c7be45

  • Size

    1.9MB

  • Sample

    240213-265vlscf86

  • MD5

    9a29a513943c5261c5751eb8f7c7be45

  • SHA1

    5e768dcafcec9bf6816712f536d28214e870299d

  • SHA256

    c324b190c04733675cf28860b0bc552d869144c30ae6bad2250fd457e90c81b7

  • SHA512

    bea3d8effd11b652cf724325eb2d1f1d17fba0f2737684e00c8bb12144086f3508bae067d9822b49f935315a5e04869f0d2d6a7c471bb21d26109ee0bcacc9b5

  • SSDEEP

    12288:+VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:jfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks