General

  • Target

    988a665960686e93f6e271c55e56873c

  • Size

    848KB

  • Sample

    240213-fnygxscf4v

  • MD5

    988a665960686e93f6e271c55e56873c

  • SHA1

    1a2e5ab6aac5a3e17ecea68f4e6209aaa346b901

  • SHA256

    250de592c42aea8b2531d46e8e62c48005c259abee9658d1ba1fd73202e18507

  • SHA512

    a98ad21c2d7f042a2f4003cb7a4ffc81ffda854611e6b96f1601ae8eac185e172df6441d00206180d462fcafa141bac3f72d6c5485c055ab1da57c5316c43b39

  • SSDEEP

    12288:ikbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/R:ikbHkWfzZ5adwLNGeStHntqN7v

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks