General

  • Target

    97faa14e19a9ab842f271b097ea66614

  • Size

    2.0MB

  • Sample

    240213-ag9cyseg8x

  • MD5

    97faa14e19a9ab842f271b097ea66614

  • SHA1

    52507cb1bb345dcd7c25447b23e45bd7a154dfbe

  • SHA256

    b96d6c0f757ac77df4aaf9d704c37476945c1667ee35423416192a687efb2f90

  • SHA512

    8cfe9eef2c681132639f7fe7632f60209a407a2c2c3836f6ce7257902100b06b86c28a5214c817da4192e20fb2214925cf671cdf3612e7f4f692ef00152e558e

  • SSDEEP

    12288:ZVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1q:YfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks