General

  • Target

    9c503d7438f97bdf0ea54a1784c30d01

  • Size

    1.7MB

  • Sample

    240214-wqxamshe7x

  • MD5

    9c503d7438f97bdf0ea54a1784c30d01

  • SHA1

    24ff116e01708cbdc64630635e7a329f0c24d4ff

  • SHA256

    5e6a0d4e4750cdaa6c8363ccf3916c21497f3bfe414f335ce27ef22a0bef143d

  • SHA512

    26eeae6f5349ff47fc37545b0e8b00da2adccb7803a6ac14c9a2153d3ebaac022b1da52633c67191b176bd77ed6db0f075a5c901fa3413c899ae57d30cf008a0

  • SSDEEP

    12288:WVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:LfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks