General

  • Target

    98f5c7f7439e5e6711127f7b70171f20

  • Size

    3.5MB

  • Sample

    240213-kg4gtadf3v

  • MD5

    98f5c7f7439e5e6711127f7b70171f20

  • SHA1

    4740b3ddd312d8780427ad1b064ea771a3dd5996

  • SHA256

    168f22ac4b13eef7be0341f11423fd1240f48cd1d00931664915c48ebc487969

  • SHA512

    0709abbcfb743152c9defb1a37dafd58aca206ea004ffd9b88920741857d75b025d9204a9e4cdeafc7817ed367c369b348570bde8089392403d55052df5c4987

  • SSDEEP

    24576:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnb+A1:ODW/e+WG0Vo6CtSn

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks